community.aws.sns_topic does not work in GovCloud

[dmc5179]

Summary

The community.aws.sns_topic does not work in the GovCloud Region.

Issue Type

Bug Report

Component Name

sns_topic

Ansible Version

ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Mar 18 2021, 08:58:41) [GCC 8.4.1 20200928 (Red Hat 8.4.1-1)]

Collection Versions

$ ansible-galaxy collection list

This command doesn't work anymore I don't think. I only have the community.aws collection installed to test this issue.

AWS SDK versions

pip3 show boto boto3 botocore
Name: boto3
Version: 1.20.24
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email: None
License: Apache License 2.0
Location: /home/ec2-user/.local/lib/python3.6/site-packages
Requires: s3transfer, jmespath, botocore
---
Name: botocore
Version: 1.23.24
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email: None
License: Apache License 2.0
Location: /home/ec2-user/.local/lib/python3.6/site-packages
Requires: python-dateutil, jmespath, urllib3

Configuration

Empty

OS / Environment

Red Hat Enterprise Linux release 8.4 (Ootpa)

Steps to Reproduce

---
- hosts: localhost
  gather_facts: true

  tasks:

    - name: Create SNS
      delegate_to: localhost
      community.aws.sns_topic:
        name: "example"
        state: present
        display_name: "example sns topic"
        ec2_url: "https://sns.us-gov-west-1.amazonaws.com"
        topic_type: standard

ansible-playbook -vvv -i localhost sns.yaml

Expected Results

I expect an SNS topic to be created in my AWS GovCloud Account

Actual Results

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_community.aws.sns_topic_payload_04_kg752/ansible_community.aws.sns_topic_payload.zip/ansible_collections/community/aws/plugins/modules/sns_topic.py", line 378, in _create_topic
  File "/home/ec2-user/.local/lib/python3.6/site-packages/botocore/client.py", line 391, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/home/ec2-user/.local/lib/python3.6/site-packages/botocore/client.py", line 719, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.errorfactory.InvalidParameterException: An error occurred (InvalidParameter) when calling the CreateTopic operation: Invalid parameter: Attributes Reason: Unknown attribute FifoTopic
fatal: [localhost -> localhost]: FAILED! => {
    "boto3_version": "1.20.24",
    "botocore_version": "1.23.24",
    "changed": false,
    "error": {
        "code": "InvalidParameter",
        "message": "Invalid parameter: Attributes Reason: Unknown attribute FifoTopic",
        "type": "Sender"
    },
    "invocation": {
        "module_args": {
            "aws_access_key": null,
            "aws_ca_bundle": null,
            "aws_config": null,
            "aws_secret_key": null,
            "debug_botocore_endpoint_logs": false,
            "delivery_policy": null,
            "display_name": "example sns topic",
            "ec2_url": "https://sns.us-gov-west-1.amazonaws.com",
            "name": "example",
            "policy": null,
            "profile": null,
            "purge_subscriptions": true,
            "region": null,
            "security_token": null,
            "state": "present",
            "subscriptions": [],
            "topic_type": "standard",
            "validate_certs": true
        }
    },
    "msg": "Couldn't create topic example: An error occurred (InvalidParameter) when calling the CreateTopic operation: Invalid parameter: Attributes Reason: Unknown attribute FifoTopic",
    "response_metadata": {
        "http_headers": {
            "content-length": "312",
            "content-type": "text/xml",
            "date": "Thu, 16 Dec 2021 23:35:12 GMT",
            "x-amzn-requestid": "6a6cc2e8-a524-5182-8158-98dd6a553688"
        },
        "http_status_code": 400,
        "request_id": "6a6cc2e8-a524-5182-8158-98dd6a553688",
        "retry_attempts": 0
    }
}

Code of Conduct

• I agree to follow the Ansible Code of Conduct

[dmc5179]

I suspect the issue is here: https://github.com/ansible-collections/community.aws/blob/main/plugins/modules/sns_topic.py#L368

This appears to add a FifoTopic attrribute, set to false by default. Perhaps the SNS API in GovCloud does not have this parameter and is the reason for the error? If I comment out the attributes line and set it to empty, the topic is created successfully

#attributes = {'FifoTopic': 'false'}
attributes = {}

[Razique]

@dmc5179
that is correct, FIFO topics are not supported in GovCloud.

Fix would consist in parsing the ec2_url or (even better) determining endpoint (commercial VS GovCloud) and pop the fifo attribute when the endpoint is GovCloud.

[ansibullbot]

cc @jillr @joelthompson @markuman @nand0p @s-hertel @tremble
click here for bot help

[aarowman]

We tried out what @dmc5179 did too, and it worked.

Do we actually NEED that attribute if it's false? Can it just be removed altogether if not set?

Otherwise, checking the endpoint somehow as @Razique suggested and removing the attribute altogether just for GovCloud.

[Razique]

@dmc5179 mind trying the fix that I released in the pull request?