def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True),
default_action=dict(choices=['block', 'allow', 'count']),
metric_name=dict(),
state=dict(default='present', choices=['present', 'absent']),
rules=dict(type='list'),
purge_rules=dict(type='bool', default=False)
),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['state', 'present', ['default_action', 'rules']]])
state = module.params.get('state')
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs)
if state == 'present':
(changed, results) = ensure_web_acl_present(client, module)
else:
(changed, results) = ensure_web_acl_absent(client, module)
module.exit_json(changed=changed, web_acl=camel_dict_to_snake_dict(results))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
role_arn=dict(required=True, default=None),
role_session_name=dict(required=True, default=None),
duration_seconds=dict(required=False, default=None, type='int'),
external_id=dict(required=False, default=None),
policy=dict(required=False, default=None),
mfa_serial_number=dict(required=False, default=None),
mfa_token=dict(required=False, default=None)
)
)
module = AnsibleAWSModule(argument_spec=argument_spec)
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
if region:
connection = boto3_conn(module, conn_type='client', resource='sts',
region=region, endpoint=ec2_url, **aws_connect_kwargs)
else:
module.fail_json(msg="region must be specified")
assume_role_policy(connection, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
details=dict(type='bool', default=False),
events=dict(type='bool', default=True),
cluster=dict(),
service=dict(type='list')
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
show_details = module.params.get('details')
task_mgr = EcsServiceManager(module)
if show_details:
if module.params['service']:
services = module.params['service']
else:
services = task_mgr.list_services(module.params['cluster'])['services']
ecs_facts = dict(services=[], services_not_running=[])
for chunk in chunks(services, 10):
running_services, services_not_running = task_mgr.describe_services(module.params['cluster'], chunk)
ecs_facts['services'].extend(running_services)
ecs_facts['services_not_running'].extend(services_not_running)
else:
ecs_facts = task_mgr.list_services(module.params['cluster'])
module.exit_json(changed=False, ansible_facts=ecs_facts, **ecs_facts)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
caller_reference=dict(),
distribution_id=dict(),
alias=dict(),
target_paths=dict(required=True, type='list')
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False, mutually_exclusive=[['distribution_id', 'alias']])
validation_mgr = CloudFrontInvalidationValidationManager(module)
service_mgr = CloudFrontInvalidationServiceManager(module)
caller_reference = module.params.get('caller_reference')
distribution_id = module.params.get('distribution_id')
alias = module.params.get('alias')
target_paths = module.params.get('target_paths')
result = {}
distribution_id = validation_mgr.validate_distribution_id(distribution_id, alias)
valid_target_paths = validation_mgr.validate_invalidation_batch(target_paths, caller_reference)
valid_pascal_target_paths = snake_dict_to_camel_dict(valid_target_paths, True)
result, changed = service_mgr.create_invalidation(distribution_id, valid_pascal_target_paths)
module.exit_json(changed=changed, **camel_dict_to_snake_dict(result))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
autoscaling_group_name=dict(required=True, type='str'),
lifecycle_hook_name=dict(required=True, type='str'),
transition=dict(type='str', choices=['autoscaling:EC2_INSTANCE_TERMINATING', 'autoscaling:EC2_INSTANCE_LAUNCHING']),
role_arn=dict(type='str'),
notification_target_arn=dict(type='str'),
notification_meta_data=dict(type='str'),
heartbeat_timeout=dict(type='int'),
default_result=dict(default='ABANDON', choices=['ABANDON', 'CONTINUE']),
state=dict(default='present', choices=['present', 'absent'])
)
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['state', 'present', ['transition']]])
state = module.params.get('state')
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='autoscaling', region=region, endpoint=ec2_url, **aws_connect_params)
changed = False
if state == 'present':
changed = create_lifecycle_hook(connection, module)
elif state == 'absent':
changed = delete_lifecycle_hook(connection, module)
module.exit_json(changed=changed)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
vpc_id=dict(required=True),
state=dict(default='present', choices=['present', 'absent'])
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params)
vpc_id = module.params.get('vpc_id')
state = module.params.get('state')
eigw_id = describe_eigws(module, connection, vpc_id)
result = dict(gateway_id=eigw_id, vpc_id=vpc_id)
changed = False
if state == 'present' and not eigw_id:
changed, result['gateway_id'] = create_eigw(module, connection, vpc_id)
elif state == 'absent' and eigw_id:
changed = delete_eigw(module, connection, eigw_id)
module.exit_json(changed=changed, **result)
def test_botocore_exception_without_response_reports_nicely_via_fail_json_aws(self):
basic._ANSIBLE_ARGS = to_bytes(json.dumps({'ANSIBLE_MODULE_ARGS': {}}))
module = AnsibleAWSModule(argument_spec=dict(
fail_mode=dict(type='list', default=['success'])
))
fail_json_double = Mock()
err_msg = None
with patch.object(basic.AnsibleModule, 'fail_json', fail_json_double):
try:
raise botocore.exceptions.ClientError(err_msg, 'Could not find you')
except Exception as e:
print("exception is " + str(e))
module.fail_json_aws(e, msg="Fake failure for testing boto exception messages")
assert(len(fail_json_double.mock_calls) > 0), "failed to call fail_json when should have"
assert(len(fail_json_double.mock_calls) < 2), "called fail_json multiple times"
assert("test_botocore_exception_without_response_reports_nicely_via_fail_json_aws"
in fail_json_double.mock_calls[0][2]["exception"]), \
"exception traceback doesn't include correct function, fail call was actually: " \
+ str(fail_json_double.mock_calls[0])
assert("Fake failure for testing boto exception messages"
in fail_json_double.mock_calls[0][2]["msg"]), \
"error message doesn't include the local message; was: " \
+ str(fail_json_double.mock_calls[0])
def main():
"""
Module action handler
"""
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
id=dict(),
name=dict(),
tags=dict(type="dict", default={}),
targets=dict(type="list", default=[])
))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
region, _, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = EFSConnection(module, region, **aws_connect_params)
name = module.params.get('name')
fs_id = module.params.get('id')
tags = module.params.get('tags')
targets = module.params.get('targets')
file_systems_info = connection.get_file_systems(fs_id, name)
if tags:
file_systems_info = [item for item in file_systems_info if has_tags(item['tags'], tags)]
if targets:
targets = [(item, prefix_to_attr(item)) for item in targets]
file_systems_info = [item for item in file_systems_info if has_targets(item['mount_targets'], targets)]
module.exit_json(changed=False, ansible_facts={'efs': file_systems_info})
def main():
module = AnsibleAWSModule(
argument_spec=dict(
filters=dict(type='dict', default={})
),
supports_check_mode=True
)
module.exit_json(changed=False, addresses=get_eips_details(module))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
force=dict(required=False, default='no', type='bool'),
policy=dict(required=False, default=None, type='json'),
name=dict(required=True, type='str'),
requester_pays=dict(default='no', type='bool'),
s3_url=dict(aliases=['S3_URL'], type='str'),
state=dict(default='present', type='str', choices=['present', 'absent']),
tags=dict(required=False, default=None, type='dict'),
versioning=dict(default=None, type='bool'),
ceph=dict(default='no', type='bool')
)
)
module = AnsibleAWSModule(argument_spec=argument_spec)
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
if region in ('us-east-1', '', None):
# default to US Standard region
location = 'us-east-1'
else:
# Boto uses symbolic names for locations but region strings will
# actually work fine for everything except us-east-1 (US Standard)
location = region
s3_url = module.params.get('s3_url')
ceph = module.params.get('ceph')
# allow eucarc environment variables to be used if ansible vars aren't set
if not s3_url and 'S3_URL' in os.environ:
s3_url = os.environ['S3_URL']
if ceph and not s3_url:
module.fail_json(msg='ceph flavour requires s3_url')
# Look at s3_url and tweak connection settings
# if connecting to Ceph RGW, Walrus or fakes3
if s3_url:
for key in ['validate_certs', 'security_token', 'profile_name']:
aws_connect_kwargs.pop(key, None)
s3_client = get_s3_client(module, aws_connect_kwargs, location, ceph, s3_url)
if s3_client is None: # this should never happen
module.fail_json(msg='Unknown error, failed to create s3 connection, no information from boto.')
state = module.params.get("state")
if state == 'present':
create_or_update_bucket(s3_client, module, location)
elif state == 'absent':
destroy_bucket(s3_client, module)
def main():
"""
Main entry point.
:return dict: ansible facts
"""
argument_spec = dict(
function_name=dict(required=False, default=None, aliases=['function', 'name']),
query=dict(required=False, choices=['aliases', 'all', 'config', 'mappings', 'policy', 'versions'], default='all'),
event_source_arn=dict(required=False, default=None)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[],
required_together=[]
)
# validate function_name if present
function_name = module.params['function_name']
if function_name:
if not re.search(r"^[\w\-:]+$", function_name):
module.fail_json(
msg='Function name {0} is invalid. Names must contain only alphanumeric characters and hyphens.'.format(function_name)
)
if len(function_name) > 64:
module.fail_json(msg='Function name "{0}" exceeds 64 character limit'.format(function_name))
try:
region, endpoint, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
aws_connect_kwargs.update(dict(region=region,
endpoint=endpoint,
conn_type='client',
resource='lambda'
))
client = boto3_conn(module, **aws_connect_kwargs)
except ClientError as e:
module.fail_json_aws(e, "trying to set up boto connection")
this_module = sys.modules[__name__]
invocations = dict(
aliases='alias_details',
all='all_details',
config='config_details',
mappings='mapping_details',
policy='policy_details',
versions='version_details',
)
this_module_function = getattr(this_module, invocations[module.params['query']])
all_facts = fix_return(this_module_function(client, module))
results = dict(ansible_facts={'lambda_facts': {'function': all_facts}}, changed=False)
if module.check_mode:
results['msg'] = 'Check mode set but ignored for fact gathering only.'
module.exit_json(**results)
def main():
argument_spec = dict(
state=dict(type='str', default='present', choices=['present', 'absent']),
filters=dict(type='dict', default={}),
vpn_gateway_id=dict(type='str'),
tags=dict(default={}, type='dict'),
connection_type=dict(default='ipsec.1', type='str'),
tunnel_options=dict(type='list', default=[]),
static_only=dict(default=False, type='bool'),
customer_gateway_id=dict(type='str'),
vpn_connection_id=dict(type='str'),
purge_tags=dict(type='bool', default=False),
routes=dict(type='list', default=[]),
purge_routes=dict(type='bool', default=False),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
connection = module.client('ec2')
state = module.params.get('state')
parameters = dict(module.params)
try:
if state == 'present':
changed, response = ensure_present(connection, parameters, module.check_mode)
elif state == 'absent':
changed, response = ensure_absent(connection, parameters, module.check_mode)
except VPNConnectionException as e:
if e.exception:
module.fail_json_aws(e.exception, msg=e.msg)
else:
module.fail_json(msg=e.msg)
module.exit_json(changed=changed, **camel_dict_to_snake_dict(response))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
state=dict(required=True, choices=['present', 'absent']),
name=dict(),
location=dict(),
bandwidth=dict(choices=['1Gbps', '10Gbps']),
link_aggregation_group=dict(),
connection_id=dict(),
forced_update=dict(type='bool', default=False)
))
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_one_of=[('connection_id', 'name')],
required_if=[('state', 'present', ('location', 'bandwidth'))]
)
connection = module.client('directconnect')
state = module.params.get('state')
try:
connection_id = connection_exists(
connection,
connection_id=module.params.get('connection_id'),
connection_name=module.params.get('name')
)
if not connection_id and module.params.get('connection_id'):
module.fail_json(msg="The Direct Connect connection {0} does not exist.".format(module.params.get('connection_id')))
if state == 'present':
changed, connection_id = ensure_present(connection,
connection_id=connection_id,
connection_name=module.params.get('name'),
location=module.params.get('location'),
bandwidth=module.params.get('bandwidth'),
lag_id=module.params.get('link_aggregation_group'),
forced_update=module.params.get('forced_update'))
response = connection_status(connection, connection_id)
elif state == 'absent':
changed = ensure_absent(connection, connection_id)
response = {}
except DirectConnectError as e:
if e.last_traceback:
module.fail_json(msg=e.msg, exception=e.last_traceback, **camel_dict_to_snake_dict(e.exception.response))
else:
module.fail_json(msg=e.msg)
module.exit_json(changed=changed, **camel_dict_to_snake_dict(response))
def main():
argument_spec = dict(
gather_local_disks=dict(type='bool', default=True),
gather_tapes=dict(type='bool', default=True),
gather_file_shares=dict(type='bool', default=True),
gather_volumes=dict(type='bool', default=True)
)
module = AnsibleAWSModule(argument_spec=argument_spec)
client = module.client('storagegateway')
if client is None: # this should never happen
module.fail_json(msg='Unknown error, failed to create storagegateway client, no information from boto.')
SGWFactsManager(client, module).fetch()
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
vpn_connection_ids=dict(default=[], type='list'),
filters=dict(default={}, type='dict')
)
)
module = AnsibleAWSModule(argument_spec=argument_spec,
mutually_exclusive=[['vpn_connection_ids', 'filters']],
supports_check_mode=True)
connection = module.client('ec2')
list_vpn_connections(connection, module)
def main():
argument_spec = (dict(
cross_zone_load_balancing=dict(type='bool'),
deletion_protection=dict(type='bool'),
listeners=dict(type='list',
elements='dict',
options=dict(Protocol=dict(type='str', required=True),
Port=dict(type='int', required=True),
SslPolicy=dict(type='str'),
Certificates=dict(type='list'),
DefaultActions=dict(type='list',
required=True))),
name=dict(required=True, type='str'),
purge_listeners=dict(default=True, type='bool'),
purge_tags=dict(default=True, type='bool'),
subnets=dict(type='list'),
subnet_mappings=dict(type='list'),
scheme=dict(default='internet-facing',
choices=['internet-facing', 'internal']),
state=dict(choices=['present', 'absent'], type='str'),
tags=dict(type='dict'),
wait_timeout=dict(type='int'),
wait=dict(type='bool')))
module = AnsibleAWSModule(
argument_spec=argument_spec,
mutually_exclusive=[['subnets', 'subnet_mappings']])
# Check for subnets or subnet_mappings if state is present
state = module.params.get("state")
if state == 'present':
if module.params.get("subnets") is None and module.params.get(
"subnet_mappings") is None:
module.fail_json(
msg=
"'subnets' or 'subnet_mappings' is required when state=present"
)
# Quick check of listeners parameters
listeners = module.params.get("listeners")
if listeners is not None:
for listener in listeners:
for key in listener.keys():
if key == 'Protocol' and listener[key] != 'TCP':
module.fail_json(msg="'Protocol' must be 'TCP'")
connection = module.client('elbv2')
connection_ec2 = module.client('ec2')
elb = NetworkLoadBalancer(connection, connection_ec2, module)
if state == 'present':
create_or_update_elb(elb)
else:
delete_elb(elb)
def main():
argument_spec = dict(vpn_connection_ids=dict(default=[], type='list'),
filters=dict(default={}, type='dict'))
module = AnsibleAWSModule(
argument_spec=argument_spec,
mutually_exclusive=[['vpn_connection_ids', 'filters']],
supports_check_mode=True)
if module._module._name == 'ec2_vpc_vpn_facts':
module._module.deprecate(
"The 'ec2_vpc_vpn_facts' module has been renamed to 'ec2_vpc_vpn_info'",
version='2.13')
connection = module.client('ec2')
list_vpn_connections(connection, module)
def test_create_aws_module_should_set_up_params(self):
m = AnsibleAWSModule(argument_spec=dict(
win_string_arg=dict(type='list', default=['win'])))
m_noretry_no_customargs = AnsibleAWSModule(
auto_retry=False,
default_args=False,
argument_spec=dict(
success_string_arg=dict(type='list', default=['success'])))
assert m, "module wasn't true!!"
assert m_noretry_no_customargs, "module wasn't true!!"
m_params = m.params
m_no_defs_params = m_noretry_no_customargs.params
assert 'region' in m_params
assert 'win' in m_params["win_string_arg"]
assert 'success' in m_no_defs_params["success_string_arg"]
assert 'aws_secret_key' not in m_no_defs_params
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(name=dict(required=False), ))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module,
boto3=True)
client = boto3_conn(module,
conn_type='client',
resource='elasticache',
region=region,
endpoint=ec2_url,
**aws_connect_kwargs)
module.exit_json(
elasticache_clusters=get_elasticache_clusters(client, module, region))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
zone=dict(required=True),
state=dict(default='present', choices=['present', 'absent']),
vpc_id=dict(default=None),
vpc_region=dict(default=None),
comment=dict(default=''),
hosted_zone_id=dict()))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
zone_in = module.params.get('zone').lower()
state = module.params.get('state').lower()
vpc_id = module.params.get('vpc_id')
vpc_region = module.params.get('vpc_region')
if not zone_in.endswith('.'):
zone_in += "."
private_zone = bool(vpc_id and vpc_region)
client = module.client('route53')
zones = find_zones(module, client, zone_in, private_zone)
if state == 'present':
changed, result = create(module, client, matching_zones=zones)
elif state == 'absent':
changed, result = delete(module, client, matching_zones=zones)
if isinstance(result, dict):
module.exit_json(changed=changed, result=result, **result)
else:
module.exit_json(changed=changed, result=result)
def main():
argument_spec = dict(
name=dict(required=True),
schedule_expression=dict(),
event_pattern=dict(),
state=dict(choices=['present', 'disabled', 'absent'],
default='present'),
description=dict(),
role_arn=dict(),
targets=dict(type='list', default=[]),
)
module = AnsibleAWSModule(argument_spec=argument_spec)
rule_data = dict([(rf, module.params.get(rf))
for rf in CloudWatchEventRuleManager.RULE_FIELDS])
targets = module.params.get('targets')
state = module.params.get('state')
client = module.client('events')
cwe_rule = CloudWatchEventRule(module, client=client, **rule_data)
cwe_rule_manager = CloudWatchEventRuleManager(cwe_rule, targets)
if state == 'present':
cwe_rule_manager.ensure_present()
elif state == 'disabled':
cwe_rule_manager.ensure_disabled()
elif state == 'absent':
cwe_rule_manager.ensure_absent()
else:
module.fail_json(msg="Invalid state '{0}' provided".format(state))
module.exit_json(**cwe_rule_manager.fetch_aws_state())
def main():
filters_subspec = dict(
country=dict(),
field_to_match=dict(choices=['uri', 'query_string', 'header', 'method', 'body']),
header=dict(),
transformation=dict(choices=['none', 'compress_white_space',
'html_entity_decode', 'lowercase',
'cmd_line', 'url_decode']),
position=dict(choices=['exactly', 'starts_with', 'ends_with',
'contains', 'contains_word']),
comparison=dict(choices=['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']),
target_string=dict(), # Bytes
size=dict(type='int'),
ip_address=dict(),
regex_pattern=dict(),
)
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True),
type=dict(required=True, choices=['byte', 'geo', 'ip', 'regex', 'size', 'sql', 'xss']),
filters=dict(type='list'),
purge_filters=dict(type='bool', default=False),
waf_regional=dict(type='bool', default=False),
state=dict(default='present', choices=['present', 'absent']),
),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['state', 'present', ['filters']]])
state = module.params.get('state')
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
resource = 'waf' if not module.params['waf_regional'] else 'waf-regional'
client = boto3_conn(module, conn_type='client', resource=resource, region=region, endpoint=ec2_url, **aws_connect_kwargs)
condition = Condition(client, module)
if state == 'present':
(changed, results) = condition.ensure_condition_present()
# return a condition agnostic ID for use by aws_waf_rule
results['ConditionId'] = results[condition.conditionsetid]
else:
(changed, results) = condition.ensure_condition_absent()
module.exit_json(changed=changed, condition=camel_dict_to_snake_dict(results))
def main():
argument_spec = dict(
db_snapshot_identifier=dict(aliases=['snapshot_name']),
db_instance_identifier=dict(),
db_cluster_identifier=dict(),
db_cluster_snapshot_identifier=dict(),
snapshot_type=dict(choices=['automated', 'manual', 'shared', 'public'])
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[['db_snapshot_identifier', 'db_instance_identifier', 'db_cluster_identifier', 'db_cluster_snapshot_identifier']]
)
if module._name == 'rds_snapshot_facts':
module.deprecate("The 'rds_snapshot_facts' module has been renamed to 'rds_snapshot_info'", version='2.13')
conn = module.client('rds', retry_decorator=AWSRetry.jittered_backoff(retries=10))
results = dict()
if not module.params['db_cluster_identifier'] and not module.params['db_cluster_snapshot_identifier']:
results['snapshots'] = standalone_snapshot_info(module, conn)
if not module.params['db_snapshot_identifier'] and not module.params['db_instance_identifier']:
results['cluster_snapshots'] = cluster_snapshot_info(module, conn)
module.exit_json(changed=False, **results)
def test_botocore_exception_reports_nicely_via_fail_json_aws(self):
basic._ANSIBLE_ARGS = to_bytes(
json.dumps({
'ANSIBLE_MODULE_ARGS': {
'_ansible_tmpdir': '/tmp/ansible-abc'
}
}))
module = AnsibleAWSModule(argument_spec=dict(
fail_mode=dict(type='list', default=['success'])))
fail_json_double = Mock()
err_msg = {'Error': {'Code': 'FakeClass.FakeError'}}
with patch.object(basic.AnsibleModule, 'fail_json', fail_json_double):
try:
raise botocore.exceptions.ClientError(err_msg,
'Could not find you')
except Exception as e:
print("exception is " + str(e))
module.fail_json_aws(
e, msg="Fake failure for testing boto exception messages")
assert (len(fail_json_double.mock_calls) >
0), "failed to call fail_json when should have"
assert (len(fail_json_double.mock_calls) <
2), "called fail_json multiple times when once would do"
assert("test_botocore_exception_reports_nicely"
in fail_json_double.mock_calls[0][2]["exception"]), \
"exception traceback doesn't include correct function, fail call was actually: " \
+ str(fail_json_double.mock_calls[0])
assert("Fake failure for testing boto exception messages:"
in fail_json_double.mock_calls[0][2]["msg"]), \
"error message doesn't include the local message; was: " \
+ str(fail_json_double.mock_calls[0])
assert("Could not find you" in fail_json_double.mock_calls[0][2]["msg"]), \
"error message doesn't include the botocore exception message; was: " \
+ str(fail_json_double.mock_calls[0])
try:
fail_json_double.mock_calls[0][2]["error"]
except KeyError:
raise Exception("error was missing; call was: " +
str(fail_json_double.mock_calls[0]))
assert("FakeClass.FakeError" == fail_json_double.mock_calls[0][2]["error"]["code"]), \
"Failed to find error/code; was: " + str(fail_json_double.mock_calls[0])
def main():
argument_spec = dict(
name=dict(required=True, type='str'),
description=dict(required=False),
target_arns=dict(type='list', elements='str'),
state=dict(default='present', choices=['present', 'absent']),
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
client = module.client('apigateway')
state = module.params.get('state')
try:
if state == "present":
result = ensure_vpc_link_present(module, client)
elif state == 'absent':
result = ensure_vpc_link_absent(module, client)
except botocore.exceptions.ClientError as e:
module.fail_json_aws(e)
module.exit_json(**result)
def main():
argument_spec = dict(
name=dict(required=True, aliases=['domain_name']),
cert_arn=dict(required=False),
cert_name=dict(required=False),
security_policy=dict(required=False),
state=dict(default='present', choices=['present', 'absent']),
tags=dict(type='dict'),
purge_tags=dict(type='bool', default=False),
)
mutually_exclusive = [['cert_arn', 'cert_name']]
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=mutually_exclusive,
)
client = module.client('apigateway')
state = module.params.get('state')
try:
if state == "present":
result = ensure_domain_name_present(module, client)
elif state == 'absent':
result = ensure_domain_name_absent(module, client)
except botocore.exceptions.ClientError as e:
module.fail_json_aws(e)
module.exit_json(**result)
def main():
argument_spec = (
dict(
state=dict(require=False, type='str', default='present',
choices=['present', 'absent']),
name=dict(required=True, type='str'),
trigger_type=dict(required=False, type='str',
choice=['SCHEDULED', 'CONDITIONAL', 'ON_DEMAND']),
schedule=dict(required=False, type='str'),
actions=dict(required=False, type='list'),
)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_if=[
('state', 'present', ['trigger_type', 'trigger_type', 'actions']),
('trigger_type', 'SCHEDULED', ['schedule'])
]
)
if not HAS_BOTO:
module.fail_json(msg='boto3 required for this module, install via pip or your package manager')
client = module.client('glue')
params = module.params
if params.get('state') == 'present':
changed = create_or_update_glue_trigger(client, params, module)
else:
changed = delete_glue_trigger(client, params, module)
module.exit_json(changed=changed)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(az=dict(default=None, required=False),
cidr=dict(default=None, required=True),
ipv6_cidr=dict(default='', required=False),
state=dict(default='present', choices=['present', 'absent']),
tags=dict(default={},
required=False,
type='dict',
aliases=['resource_tags']),
vpc_id=dict(default=None, required=True),
map_public=dict(default=False, required=False, type='bool'),
assign_instances_ipv6=dict(default=False,
required=False,
type='bool'),
wait=dict(type='bool', default=True),
wait_timeout=dict(type='int', default=300, required=False),
purge_tags=dict(default=True, type='bool')))
required_if = [('assign_instances_ipv6', True, ['ipv6_cidr'])]
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True,
required_if=required_if)
if module.params.get(
'assign_instances_ipv6') and not module.params.get('ipv6_cidr'):
module.fail_json(
msg=
"assign_instances_ipv6 is True but ipv6_cidr is None or an empty string"
)
region, ec2_url, aws_connect_params = get_aws_connection_info(module,
boto3=True)
connection = boto3_conn(module,
conn_type='client',
resource='ec2',
region=region,
endpoint=ec2_url,
**aws_connect_params)
state = module.params.get('state')
try:
if state == 'present':
result = ensure_subnet_present(connection, module)
elif state == 'absent':
result = ensure_subnet_absent(connection, module)
except botocore.exceptions.ClientError as e:
module.fail_json(msg=e.message,
exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
module.exit_json(**result)
def main():
argument_spec = dict(
name=dict(required=False, type='str'),
id=dict(required=False, type='str'),
description=dict(required=False, type='str'),
value=dict(required=False, type='str'),
enabled=dict(required=False, type='bool', default=False),
generate_distinct_id=dict(required=False, type='bool', default=False),
state=dict(default='present', choices=['present', 'absent']),
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
client = module.client('apigateway')
state = module.params.get('state')
try:
if state == "present":
result = ensure_api_key_present(module, client)
elif state == 'absent':
result = ensure_api_key_absent(module, client)
except botocore.exceptions.ClientError as e:
module.fail_json_aws(e)
module.exit_json(**result)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(names=dict(type='list', default=[])))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
region, ec2_url, aws_connect_params = get_aws_connection_info(module,
boto3=True)
connection = boto3_conn(module,
resource='ec2',
conn_type='client',
region=region,
**aws_connect_params)
placement_groups = get_placement_groups_details(connection, module)
module.exit_json(changed=False, placement_groups=placement_groups)
def main():
argument_spec = dict(name=dict(required=True, type='str'),
rules=dict(type='list'),
state=dict(type='str',
choices=['present', 'absent'],
required=True))
module = AnsibleAWSModule(argument_spec=argument_spec)
client = module.client('s3')
state = module.params.get("state")
if state == 'present':
create_or_update_bucket_cors(client, module)
elif state == 'absent':
destroy_bucket_cors(client, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
task_definition=dict(required=True, type='str')
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
ecs = boto3_conn(module, conn_type='client', resource='ecs',
region=region, endpoint=ec2_url, **aws_connect_kwargs)
try:
ecs_td = ecs.describe_task_definition(taskDefinition=module.params['task_definition'])['taskDefinition']
except botocore.exceptions.ClientError:
ecs_td = {}
module.exit_json(changed=False, **camel_dict_to_snake_dict(ecs_td))
def main():
argument_spec = dict(
image_ids=dict(default=[], type='list', aliases=['image_id']),
filters=dict(default={}, type='dict'),
owners=dict(default=[], type='list', aliases=['owner']),
executable_users=dict(default=[], type='list', aliases=['executable_user']),
describe_image_attributes=dict(default=False, type='bool')
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
if module._module._name == 'ec2_ami_facts':
module._module.deprecate("The 'ec2_ami_facts' module has been renamed to 'ec2_ami_info'",
version='2.13', collection_name='ansible.builtin')
ec2_client = module.client('ec2')
list_ec2_images(ec2_client, module)
def main():
argument_spec = dict(vpc_id=dict(required=True),
state=dict(default='present',
choices=['present', 'absent']),
tags=dict(default=dict(),
required=False,
type='dict',
aliases=['resource_tags']))
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
results = dict(changed=False)
igw_manager = AnsibleEc2Igw(module=module, results=results)
igw_manager.process()
module.exit_json(**results)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
source_region=dict(required=True),
source_image_id=dict(required=True),
name=dict(default='default'),
description=dict(default=''),
encrypted=dict(type='bool', default=False, required=False),
kms_key_id=dict(type='str', required=False),
wait=dict(type='bool', default=False),
wait_timeout=dict(type='int', default=600),
tags=dict(type='dict')),
tag_equality=dict(type='bool', default=False))
module = AnsibleAWSModule(argument_spec=argument_spec)
# TODO: Check botocore version
ec2 = module.client('ec2')
copy_image(module, ec2)
def setup_module_object():
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_if=required_if,
mutually_exclusive=[['old_instance_id', 'source_db_instance_identifier',
'db_snapshot_identifier']],
supports_check_mode=True,
)
return module
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
state=dict(required=True, choices=['present', 'absent'], type='str'),
policy_name=dict(required=True, type='str'),
service_namespace=dict(required=True, choices=['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb'], type='str'),
resource_id=dict(required=True, type='str'),
scalable_dimension=dict(required=True, choices=['ecs:service:DesiredCount',
'ec2:spot-fleet-request:TargetCapacity',
'elasticmapreduce:instancegroup:InstanceCount',
'appstream:fleet:DesiredCapacity',
'dynamodb:table:ReadCapacityUnits',
'dynamodb:table:WriteCapacityUnits',
'dynamodb:index:ReadCapacityUnits',
'dynamodb:index:WriteCapacityUnits'
], type='str'),
policy_type=dict(required=True, choices=['StepScaling', 'TargetTrackingScaling'], type='str'),
step_scaling_policy_configuration=dict(required=False, type='dict'),
target_tracking_scaling_policy_configuration=dict(
required=False,
type='dict',
options=dict(
CustomizedMetricSpecification=dict(type='dict'),
DisableScaleIn=dict(type='bool'),
PredefinedMetricSpecification=dict(type='dict'),
ScaleInCooldown=dict(type='int'),
ScaleOutCooldown=dict(type='int'),
TargetValue=dict(type='float'),
)
),
minimum_tasks=dict(required=False, type='int'),
maximum_tasks=dict(required=False, type='int'),
override_task_capacity=dict(required=False, type=bool)
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
connection = module.client('application-autoscaling')
# Remove any target_tracking_scaling_policy_configuration suboptions that are None
policy_config_options = [
'CustomizedMetricSpecification', 'DisableScaleIn', 'PredefinedMetricSpecification', 'ScaleInCooldown', 'ScaleOutCooldown', 'TargetValue'
]
if isinstance(module.params['target_tracking_scaling_policy_configuration'], dict):
for option in policy_config_options:
if module.params['target_tracking_scaling_policy_configuration'][option] is None:
module.params['target_tracking_scaling_policy_configuration'].pop(option)
if module.params.get("state") == 'present':
# A scalable target must be registered prior to creating a scaling policy
scalable_target_result = create_scalable_target(connection, module)
policy_result = create_scaling_policy(connection, module)
# Merge the results of the scalable target creation and policy deletion/creation
# There's no risk in overriding values since mutual keys have the same values in our case
merged_result = merge_results(scalable_target_result, policy_result)
module.exit_json(**merged_result)
else:
policy_result = delete_scaling_policy(connection, module)
module.exit_json(**policy_result)
def main():
"""
Main entry point.
:return dict: ansible facts
"""
argument_spec = dict(
function_name=dict(required=False, default=None, aliases=['function', 'name']),
query=dict(required=False, choices=['aliases', 'all', 'config', 'mappings', 'policy', 'versions'], default='all'),
event_source_arn=dict(required=False, default=None)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[],
required_together=[]
)
# validate function_name if present
function_name = module.params['function_name']
if function_name:
if not re.search(r"^[\w\-:]+$", function_name):
module.fail_json(
msg='Function name {0} is invalid. Names must contain only alphanumeric characters and hyphens.'.format(function_name)
)
if len(function_name) > 64:
module.fail_json(msg='Function name "{0}" exceeds 64 character limit'.format(function_name))
client = module.client('lambda')
invocations = dict(
aliases='alias_details',
all='all_details',
config='config_details',
mappings='mapping_details',
policy='policy_details',
versions='version_details',
)
this_module_function = globals()[invocations[module.params['query']]]
all_facts = fix_return(this_module_function(client, module))
results = dict(function=all_facts, changed=False)
if module.check_mode:
results['msg'] = 'Check mode set but ignored for fact gathering only.'
module.exit_json(**results)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(deregistration_delay_timeout=dict(type='int'),
health_check_protocol=dict(
choices=['http', 'https', 'tcp', 'HTTP', 'HTTPS', 'TCP']),
health_check_port=dict(),
health_check_path=dict(),
health_check_interval=dict(type='int'),
health_check_timeout=dict(type='int'),
healthy_threshold_count=dict(type='int'),
modify_targets=dict(default=True, type='bool'),
name=dict(required=True),
port=dict(type='int'),
protocol=dict(
choices=['http', 'https', 'tcp', 'HTTP', 'HTTPS', 'TCP']),
purge_tags=dict(default=True, type='bool'),
stickiness_enabled=dict(type='bool'),
stickiness_type=dict(default='lb_cookie'),
stickiness_lb_cookie_duration=dict(type='int'),
state=dict(required=True, choices=['present', 'absent']),
successful_response_codes=dict(),
tags=dict(default={}, type='dict'),
target_type=dict(default='instance',
choices=['instance', 'ip', 'lambda']),
targets=dict(type='list'),
unhealthy_threshold_count=dict(type='int'),
vpc_id=dict(),
wait_timeout=dict(type='int', default=200),
wait=dict(type='bool', default=False)))
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_if=[
['target_type', 'instance', ['protocol', 'port', 'vpc_id']],
['target_type', 'ip', ['protocol', 'port', 'vpc_id']],
])
connection = module.client('elbv2')
if module.params.get('state') == 'present':
create_or_update_target_group(connection, module)
else:
delete_target_group(connection, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
state=dict(choices=['present', 'absent'], default='present'),
origin_access_identity_id=dict(),
caller_reference=dict(),
comment=dict(),
))
result = {}
e_tag = None
changed = False
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False)
service_mgr = CloudFrontOriginAccessIdentityServiceManager(module)
validation_mgr = CloudFrontOriginAccessIdentityValidationManager(module)
state = module.params.get('state')
caller_reference = module.params.get('caller_reference')
comment = module.params.get('comment')
origin_access_identity_id = module.params.get('origin_access_identity_id')
if origin_access_identity_id is None and caller_reference is not None:
origin_access_identity_id = validation_mgr.validate_origin_access_identity_id_from_caller_reference(caller_reference)
e_tag = validation_mgr.validate_etag_from_origin_access_identity_id(origin_access_identity_id)
comment = validation_mgr.validate_comment(comment)
if state == 'present':
if origin_access_identity_id is not None and e_tag is not None:
result, changed = service_mgr.update_origin_access_identity(caller_reference, comment, origin_access_identity_id, e_tag)
else:
result = service_mgr.create_origin_access_identity(caller_reference, comment)
changed = True
elif(state == 'absent' and origin_access_identity_id is not None and
e_tag is not None):
result = service_mgr.delete_origin_access_identity(origin_access_identity_id, e_tag)
changed = True
result.pop('ResponseMetadata', None)
module.exit_json(changed=changed, **camel_dict_to_snake_dict(result))
def main():
argument_spec = dict(
name=dict(required=True),
state=dict(default='present', choices=['present', 'absent']),
display_name=dict(),
policy=dict(type='dict'),
delivery_policy=dict(type='dict'),
subscriptions=dict(default=[], type='list'),
purge_subscriptions=dict(type='bool', default=True),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
name = module.params.get('name')
state = module.params.get('state')
display_name = module.params.get('display_name')
policy = module.params.get('policy')
delivery_policy = module.params.get('delivery_policy')
subscriptions = module.params.get('subscriptions')
purge_subscriptions = module.params.get('purge_subscriptions')
check_mode = module.check_mode
sns_topic = SnsTopicManager(module,
name,
state,
display_name,
policy,
delivery_policy,
subscriptions,
purge_subscriptions,
check_mode)
if state == 'present':
changed = sns_topic.ensure_ok()
elif state == 'absent':
changed = sns_topic.ensure_gone()
sns_facts = dict(changed=changed,
sns_arn=sns_topic.topic_arn,
sns_topic=sns_topic.get_info())
module.exit_json(**sns_facts)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
instance_id=dict(),
image_id=dict(),
architecture=dict(default='x86_64'),
kernel_id=dict(),
virtualization_type=dict(default='hvm'),
root_device_name=dict(),
delete_snapshot=dict(default=False, type='bool'),
name=dict(),
wait=dict(type='bool', default=False),
wait_timeout=dict(default=900, type='int'),
description=dict(default=''),
no_reboot=dict(default=False, type='bool'),
state=dict(default='present'),
device_mapping=dict(type='list'),
tags=dict(type='dict'),
launch_permissions=dict(type='dict'),
image_location=dict(),
enhanced_networking=dict(type='bool'),
billing_products=dict(type='list'),
ramdisk_id=dict(),
sriov_net_support=dict(),
purge_tags=dict(type='bool', default=False)
))
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_if=[
['state', 'absent', ['image_id']],
]
)
# Using a required_one_of=[['name', 'image_id']] overrides the message that should be provided by
# the required_if for state=absent, so check manually instead
if not any([module.params['image_id'], module.params['name']]):
module.fail_json(msg="one of the following is required: name, image_id")
try:
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs)
except botocore.exceptions.NoRegionError:
module.fail_json(msg=("Region must be specified as a parameter in AWS_DEFAULT_REGION environment variable or in boto configuration file."))
if module.params.get('state') == 'absent':
deregister_image(module, connection)
elif module.params.get('state') == 'present':
if module.params.get('image_id'):
update_image(module, connection, module.params.get('image_id'))
if not module.params.get('instance_id') and not module.params.get('device_mapping'):
module.fail_json(msg="The parameters instance_id or device_mapping (register from EBS snapshot) are required for a new image.")
create_image(module, connection)
def main():
filters_subspec = dict(
country=dict(),
field_to_match=dict(choices=['uri', 'query_string', 'header', 'method', 'body']),
header=dict(),
transformation=dict(choices=['none', 'compress_white_space',
'html_entity_decode', 'lowercase',
'cmd_line', 'url_decode']),
position=dict(choices=['exactly', 'starts_with', 'ends_with',
'contains', 'contains_word']),
comparison=dict(choices=['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']),
target_string=dict(), # Bytes
size=dict(type='int'),
ip_address=dict(),
regex_pattern=dict(),
)
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True),
type=dict(required=True, choices=['byte', 'geo', 'ip', 'regex', 'size', 'sql', 'xss']),
filters=dict(type='list'),
purge_filters=dict(type='bool', default=False),
state=dict(default='present', choices=['present', 'absent']),
),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['state', 'present', ['filters']]])
state = module.params.get('state')
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs)
condition = Condition(client, module)
if state == 'present':
(changed, results) = condition.ensure_condition_present()
# return a condition agnostic ID for use by aws_waf_rule
results['ConditionId'] = results[condition.conditionsetid]
else:
(changed, results) = condition.ensure_condition_absent()
module.exit_json(changed=changed, condition=camel_dict_to_snake_dict(results))
def main():
"""
Module action handler
"""
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
name=dict(aliases=['role_name']),
path_prefix=dict(),
))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[['name', 'path_prefix']])
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='iam',
region=region, endpoint=ec2_url, **aws_connect_params)
module.exit_json(changed=False, iam_roles=describe_iam_roles(module, client))
def main():
argument_spec = dict(
users=dict(type='list', default=None, required=True)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True
)
iam_connection = module.client('iam')
sts_connection = module.client('sts')
# compare_current_user(sts_connection, module)
(users_changed_data, meta_create_update) = create_or_update_users(iam_connection, module)
(users_deleted_data, meta_delete) = compare_users(iam_connection, module)
module.exit_json(create_update_changed=users_changed_data, delete_changed=users_deleted_data, iam_users_create_update_data=meta_create_update, iam_users_delete_data=meta_delete)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=False),
)
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs)
web_acls = list_web_acls(client, module)
name = module.params['name']
if name:
web_acls = [web_acl for web_acl in web_acls if
web_acl['Name'] == name]
if not web_acls:
module.fail_json(msg="WAF named %s not found" % name)
module.exit_json(wafs=[get_web_acl(client, module, web_acl['WebACLId'])
for web_acl in web_acls])
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
names=dict(type='list', default=[])
)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True
)
region, ec2_url, aws_connect_params = get_aws_connection_info(
module, boto3=True)
connection = boto3_conn(module,
resource='ec2', conn_type='client',
region=region, endpoint=ec2_url, **aws_connect_params)
placement_groups = get_placement_groups_details(connection, module)
module.exit_json(changed=False, placement_groups=placement_groups)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
instance_id=dict(),
image_id=dict(),
architecture=dict(default='x86_64'),
kernel_id=dict(),
virtualization_type=dict(default='hvm'),
root_device_name=dict(),
delete_snapshot=dict(default=False, type='bool'),
name=dict(),
wait=dict(type='bool', default=False),
wait_timeout=dict(default=900, type='int'),
description=dict(default=''),
no_reboot=dict(default=False, type='bool'),
state=dict(default='present'),
device_mapping=dict(type='list'),
tags=dict(type='dict'),
launch_permissions=dict(type='dict'),
image_location=dict(),
enhanced_networking=dict(type='bool'),
billing_products=dict(type='list'),
ramdisk_id=dict(),
sriov_net_support=dict(),
purge_tags=dict(type='bool', default=False)
))
module = AnsibleAWSModule(
argument_spec=argument_spec,
required_if=[
['state', 'absent', ['image_id']],
]
)
# Using a required_one_of=[['name', 'image_id']] overrides the message that should be provided by
# the required_if for state=absent, so check manually instead
if not any([module.params['image_id'], module.params['name']]):
module.fail_json(msg="one of the following is required: name, image_id")
try:
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs)
except botocore.exceptions.NoRegionError:
module.fail_json(msg=("Region must be specified as a parameter in AWS_DEFAULT_REGION environment variable or in boto configuration file."))
if module.params.get('state') == 'absent':
deregister_image(module, connection)
elif module.params.get('state') == 'present':
if module.params.get('image_id'):
update_image(module, connection, module.params.get('image_id'))
if not module.params.get('instance_id') and not module.params.get('device_mapping'):
module.fail_json(msg="The parameters instance_id or device_mapping (register from EBS snapshot) are required for a new image.")
create_image(module, connection)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
image_ids=dict(default=[], type='list', aliases=['image_id']),
filters=dict(default={}, type='dict'),
owners=dict(default=[], type='list', aliases=['owner']),
executable_users=dict(default=[], type='list', aliases=['executable_user']),
describe_image_attributes=dict(default=False, type='bool')
)
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
if region:
ec2_client = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params)
else:
module.fail_json(msg="region must be specified")
list_ec2_images(ec2_client, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(required=True),
schedule_expression=dict(),
event_pattern=dict(),
state=dict(choices=['present', 'disabled', 'absent'],
default='present'),
description=dict(),
role_arn=dict(),
targets=dict(type='list', default=[]),
)
)
module = AnsibleAWSModule(argument_spec=argument_spec)
rule_data = dict(
[(rf, module.params.get(rf)) for rf in CloudWatchEventRuleManager.RULE_FIELDS]
)
targets = module.params.get('targets')
state = module.params.get('state')
cwe_rule = CloudWatchEventRule(module,
client=get_cloudwatchevents_client(module),
**rule_data)
cwe_rule_manager = CloudWatchEventRuleManager(cwe_rule, targets)
if state == 'present':
cwe_rule_manager.ensure_present()
elif state == 'disabled':
cwe_rule_manager.ensure_disabled()
elif state == 'absent':
cwe_rule_manager.ensure_absent()
else:
module.fail_json(msg="Invalid state '{0}' provided".format(state))
module.exit_json(**cwe_rule_manager.fetch_aws_state())
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
az=dict(default=None, required=False),
cidr=dict(default=None, required=True),
ipv6_cidr=dict(default='', required=False),
state=dict(default='present', choices=['present', 'absent']),
tags=dict(default={}, required=False, type='dict', aliases=['resource_tags']),
vpc_id=dict(default=None, required=True),
map_public=dict(default=False, required=False, type='bool'),
assign_instances_ipv6=dict(default=False, required=False, type='bool'),
wait=dict(type='bool', default=True),
wait_timeout=dict(type='int', default=300, required=False),
purge_tags=dict(default=True, type='bool')
)
)
required_if = [('assign_instances_ipv6', True, ['ipv6_cidr'])]
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True, required_if=required_if)
if module.params.get('assign_instances_ipv6') and not module.params.get('ipv6_cidr'):
module.fail_json(msg="assign_instances_ipv6 is True but ipv6_cidr is None or an empty string")
if LooseVersion(botocore.__version__) < "1.7.0":
module.warn("botocore >= 1.7.0 is required to use wait_timeout for custom wait times")
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params)
state = module.params.get('state')
try:
if state == 'present':
result = ensure_subnet_present(connection, module)
elif state == 'absent':
result = ensure_subnet_absent(connection, module)
except botocore.exceptions.ClientError as e:
module.fail_json_aws(e)
module.exit_json(**result)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
lookup=dict(default='tag', choices=['tag', 'id']),
propagating_vgw_ids=dict(type='list'),
purge_routes=dict(default=True, type='bool'),
purge_subnets=dict(default=True, type='bool'),
purge_tags=dict(default=False, type='bool'),
route_table_id=dict(),
routes=dict(default=[], type='list'),
state=dict(default='present', choices=['present', 'absent']),
subnets=dict(type='list'),
tags=dict(type='dict', aliases=['resource_tags']),
vpc_id=dict()
)
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['lookup', 'id', ['route_table_id']],
['lookup', 'tag', ['vpc_id']],
['state', 'present', ['vpc_id']]],
supports_check_mode=True)
region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='ec2',
region=region, endpoint=ec2_url, **aws_connect_params)
state = module.params.get('state')
if state == 'present':
result = ensure_route_table_present(connection, module)
elif state == 'absent':
result = ensure_route_table_absent(connection, module)
module.exit_json(**result)
def main():
module = AnsibleAWSModule(
argument_spec={
'identity': dict(required=True, type='str'),
'state': dict(default='present', choices=['present', 'absent']),
'policy_name': dict(required=True, type='str'),
'policy': dict(type='json', default=None),
},
required_if=[['state', 'present', ['policy']]],
supports_check_mode=True,
)
# SES APIs seem to have a much lower throttling threshold than most of the rest of the AWS APIs.
# Docs say 1 call per second. This shouldn't actually be a big problem for normal usage, but
# the ansible build runs multiple instances of the test in parallel that's caused throttling
# failures so apply a jittered backoff to call SES calls.
connection = module.client('ses', retry_decorator=AWSRetry.jittered_backoff())
state = module.params.get("state")
if state == 'present':
create_or_update_identity_policy(connection, module)
else:
delete_identity_policy(connection, module)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(type='str'),
state=dict(default='present', choices=['present', 'absent']),
strategy=dict(default='cluster', choices=['cluster', 'spread'])
)
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True
)
region, ec2_url, aws_connect_params = get_aws_connection_info(
module, boto3=True)
connection = boto3_conn(module,
resource='ec2', conn_type='client',
region=region, endpoint=ec2_url, **aws_connect_params)
state = module.params.get("state")
if state == 'present':
placement_group = get_placement_group_details(connection, module)
if placement_group is None:
create_placement_group(connection, module)
else:
strategy = module.params.get("strategy")
if placement_group['strategy'] == strategy:
module.exit_json(
changed=False, placement_group=placement_group)
else:
name = module.params.get("name")
module.fail_json(
msg=("Placement group '{}' exists, can't change strategy" +
" from '{}' to '{}'").format(
name,
placement_group['strategy'],
strategy))
elif state == 'absent':
placement_group = get_placement_group_details(connection, module)
if placement_group is None:
module.exit_json(changed=False)
else:
delete_placement_group(connection, module)
def main():
module = AnsibleAWSModule(
argument_spec={},
supports_check_mode=True,
)
client = module.client('sts')
try:
caller_identity = client.get_caller_identity()
caller_identity.pop('ResponseMetadata', None)
module.exit_json(
changed=False,
**camel_dict_to_snake_dict(caller_identity)
)
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e, msg='Failed to retrieve caller identity')
def main():
argument_spec = dict(
zone=dict(required=True),
state=dict(default='present', choices=['present', 'absent']),
vpc_id=dict(default=None),
vpc_region=dict(default=None),
comment=dict(default=''),
hosted_zone_id=dict(),
delegation_set_id=dict(),
)
mutually_exclusive = [
['delegation_set_id', 'vpc_id'],
['delegation_set_id', 'vpc_region'],
]
module = AnsibleAWSModule(
argument_spec=argument_spec,
mutually_exclusive=mutually_exclusive,
supports_check_mode=True,
)
zone_in = module.params.get('zone').lower()
state = module.params.get('state').lower()
vpc_id = module.params.get('vpc_id')
vpc_region = module.params.get('vpc_region')
if not zone_in.endswith('.'):
zone_in += "."
private_zone = bool(vpc_id and vpc_region)
client = module.client('route53')
zones = find_zones(module, client, zone_in, private_zone)
if state == 'present':
changed, result = create(module, client, matching_zones=zones)
elif state == 'absent':
changed, result = delete(module, client, matching_zones=zones)
if isinstance(result, dict):
module.exit_json(changed=changed, result=result, **result)
else:
module.exit_json(changed=changed, result=result)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
state=dict(required=True, choices=['present', 'absent']),
id_to_associate=dict(required=True, aliases=['link_aggregation_group_id', 'connection_id']),
public=dict(type='bool'),
name=dict(),
vlan=dict(type='int', default=100),
bgp_asn=dict(type='int', default=65000),
authentication_key=dict(),
amazon_address=dict(),
customer_address=dict(),
address_type=dict(),
cidr=dict(type='list'),
virtual_gateway_id=dict(),
virtual_interface_id=dict()
))
module = AnsibleAWSModule(argument_spec=argument_spec,
required_one_of=[['virtual_interface_id', 'name']],
required_if=[['state', 'present', ['public']],
['public', False, ['virtual_gateway_id']],
['public', True, ['amazon_address']],
['public', True, ['customer_address']],
['public', True, ['cidr']]])
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
connection = boto3_conn(module, conn_type='client', resource='directconnect', region=region, endpoint=ec2_url, **aws_connect_kwargs)
try:
changed, latest_state = ensure_state(connection, module)
except DirectConnectError as e:
if e.exception:
module.fail_json_aws(exception=e.exception, msg=e.msg)
else:
module.fail_json(msg=e.msg)
module.exit_json(changed=changed, **camel_dict_to_snake_dict(latest_state))
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
state=dict(required=True, choices=['present', 'absent'], type='str'),
policy_name=dict(required=True, type='str'),
service_namespace=dict(required=True, choices=['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb'], type='str'),
resource_id=dict(required=True, type='str'),
scalable_dimension=dict(required=True, choices=['ecs:service:DesiredCount',
'ec2:spot-fleet-request:TargetCapacity',
'elasticmapreduce:instancegroup:InstanceCount',
'appstream:fleet:DesiredCapacity',
'dynamodb:table:ReadCapacityUnits',
'dynamodb:table:WriteCapacityUnits',
'dynamodb:index:ReadCapacityUnits',
'dynamodb:index:WriteCapacityUnits'
], type='str'),
policy_type=dict(required=True, choices=['StepScaling', 'TargetTrackingScaling'], type='str'),
step_scaling_policy_configuration=dict(required=False, type='dict'),
target_tracking_scaling_policy_configuration=dict(required=False, type='dict'),
minimum_tasks=dict(required=False, type='int'),
maximum_tasks=dict(required=False, type='int'),
override_task_capacity=dict(required=False, type=bool)
))
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
connection = module.client('application-autoscaling')
if module.params.get("state") == 'present':
# A scalable target must be registered prior to creating a scaling policy
scalable_target_result = create_scalable_target(connection, module)
policy_result = create_scaling_policy(connection, module)
# Merge the results of the scalable target creation and policy deletion/creation
# There's no risk in overriding values since mutual keys have the same values in our case
merged_result = merge_results(scalable_target_result, policy_result)
module.exit_json(**merged_result)
else:
policy_result = delete_scaling_policy(connection, module)
module.exit_json(**policy_result)