aws_ssm connection plugin should garbage collect the s3 bucket after the file transfers #222
Assignees
Labels
Comments
abeluck
added a commit
to abeluck/community.aws
that referenced
this issue
Sep 6, 2020
ansible-collections#222) * delete temporary files added to the transfer bucket after the transfer The aws_ssm connection plugin uses an s3 buckets to transfer files to instances. These files are now removed after a successful or failed transfer to avoid littering the bucket and costing the aws account money.
|
Hi @abeluck, thanks for reporting this (and 221). It looks like you might already be working on a pull request? We've identified that these are potential security vulnerabilities so if you could please tag me onto any PRs you open I would appreciate it. I'm also looking at some fixes for the integration tests, in case you've run into any problems running those. |
jillr
added a commit
to jillr/community.aws
that referenced
this issue
Sep 18, 2020
Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: ansible-collections#221 Fixes: ansible-collections#222 Based on work by @abeluck
jillr
added a commit
to jillr/community.aws
that referenced
this issue
Sep 22, 2020
Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: ansible-collections#221 Fixes: ansible-collections#222 Based on work by @abeluck
jillr
added a commit
to jillr/community.aws
that referenced
this issue
Sep 22, 2020
Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: ansible-collections#221 Fixes: ansible-collections#222 Based on work by abeluck changelog
ansibullbot
added
affects_2.10
bug
alinabuzachis
pushed a commit
to alinabuzachis/community.aws
that referenced
this issue
Jul 19, 2021
…ollections#237) Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: ansible-collections#221 Fixes: ansible-collections#222 Based on work by abeluck changelog
alinabuzachis
pushed a commit
to alinabuzachis/community.aws
that referenced
this issue
Jul 19, 2021
…ollections#237) Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: ansible-collections#221 Fixes: ansible-collections#222 Based on work by abeluck changelog
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SUMMARY
The aws_ssm connection plugin uses an s3 buckets to transfer files to instances. These files remain in the bucket after the play has complete, they are never removed.
ISSUE TYPE
COMPONENT NAME
aws_ssm connection plugin
ANSIBLE VERSION
ansible 2.10.1rc2
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/user/.local/lib/python3.7/site-packages/ansible
executable location = /home/user/.local/bin/ansible
python version = 3.7.3 (default, Jul 25 2020, 13:03:44) [GCC 8.3.0]
CONFIGURATION
n/a
OS / ENVIRONMENT
debian 10
STEPS TO REPRODUCE
EXPECTED RESULTS
The plugin should garbage collect files after transferring them.
ACTUAL RESULTS
Files written remain there forever.
The text was updated successfully, but these errors were encountered: