def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(required=True), default_action=dict(choices=['block', 'allow', 'count']), metric_name=dict(), state=dict(default='present', choices=['present', 'absent']), rules=dict(type='list'), purge_rules=dict(type='bool', default=False) ), ) module = AnsibleAWSModule(argument_spec=argument_spec, required_if=[['state', 'present', ['default_action', 'rules']]]) state = module.params.get('state') region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs) if state == 'present': (changed, results) = ensure_web_acl_present(client, module) else: (changed, results) = ensure_web_acl_absent(client, module) module.exit_json(changed=changed, web_acl=camel_dict_to_snake_dict(results))
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( role_arn=dict(required=True, default=None), role_session_name=dict(required=True, default=None), duration_seconds=dict(required=False, default=None, type='int'), external_id=dict(required=False, default=None), policy=dict(required=False, default=None), mfa_serial_number=dict(required=False, default=None), mfa_token=dict(required=False, default=None) ) ) module = AnsibleAWSModule(argument_spec=argument_spec) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if region: connection = boto3_conn(module, conn_type='client', resource='sts', region=region, endpoint=ec2_url, **aws_connect_kwargs) else: module.fail_json(msg="region must be specified") assume_role_policy(connection, module)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( details=dict(type='bool', default=False), events=dict(type='bool', default=True), cluster=dict(), service=dict(type='list') )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) show_details = module.params.get('details') task_mgr = EcsServiceManager(module) if show_details: if module.params['service']: services = module.params['service'] else: services = task_mgr.list_services(module.params['cluster'])['services'] ecs_facts = dict(services=[], services_not_running=[]) for chunk in chunks(services, 10): running_services, services_not_running = task_mgr.describe_services(module.params['cluster'], chunk) ecs_facts['services'].extend(running_services) ecs_facts['services_not_running'].extend(services_not_running) else: ecs_facts = task_mgr.list_services(module.params['cluster']) module.exit_json(changed=False, ansible_facts=ecs_facts, **ecs_facts)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( caller_reference=dict(), distribution_id=dict(), alias=dict(), target_paths=dict(required=True, type='list') )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False, mutually_exclusive=[['distribution_id', 'alias']]) validation_mgr = CloudFrontInvalidationValidationManager(module) service_mgr = CloudFrontInvalidationServiceManager(module) caller_reference = module.params.get('caller_reference') distribution_id = module.params.get('distribution_id') alias = module.params.get('alias') target_paths = module.params.get('target_paths') result = {} distribution_id = validation_mgr.validate_distribution_id(distribution_id, alias) valid_target_paths = validation_mgr.validate_invalidation_batch(target_paths, caller_reference) valid_pascal_target_paths = snake_dict_to_camel_dict(valid_target_paths, True) result, changed = service_mgr.create_invalidation(distribution_id, valid_pascal_target_paths) module.exit_json(changed=changed, **camel_dict_to_snake_dict(result))
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( autoscaling_group_name=dict(required=True, type='str'), lifecycle_hook_name=dict(required=True, type='str'), transition=dict(type='str', choices=['autoscaling:EC2_INSTANCE_TERMINATING', 'autoscaling:EC2_INSTANCE_LAUNCHING']), role_arn=dict(type='str'), notification_target_arn=dict(type='str'), notification_meta_data=dict(type='str'), heartbeat_timeout=dict(type='int'), default_result=dict(default='ABANDON', choices=['ABANDON', 'CONTINUE']), state=dict(default='present', choices=['present', 'absent']) ) ) module = AnsibleAWSModule(argument_spec=argument_spec, required_if=[['state', 'present', ['transition']]]) state = module.params.get('state') region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='autoscaling', region=region, endpoint=ec2_url, **aws_connect_params) changed = False if state == 'present': changed = create_lifecycle_hook(connection, module) elif state == 'absent': changed = delete_lifecycle_hook(connection, module) module.exit_json(changed=changed)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( vpc_id=dict(required=True), state=dict(default='present', choices=['present', 'absent']) )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) vpc_id = module.params.get('vpc_id') state = module.params.get('state') eigw_id = describe_eigws(module, connection, vpc_id) result = dict(gateway_id=eigw_id, vpc_id=vpc_id) changed = False if state == 'present' and not eigw_id: changed, result['gateway_id'] = create_eigw(module, connection, vpc_id) elif state == 'absent' and eigw_id: changed = delete_eigw(module, connection, eigw_id) module.exit_json(changed=changed, **result)
def test_botocore_exception_without_response_reports_nicely_via_fail_json_aws(self): basic._ANSIBLE_ARGS = to_bytes(json.dumps({'ANSIBLE_MODULE_ARGS': {}})) module = AnsibleAWSModule(argument_spec=dict( fail_mode=dict(type='list', default=['success']) )) fail_json_double = Mock() err_msg = None with patch.object(basic.AnsibleModule, 'fail_json', fail_json_double): try: raise botocore.exceptions.ClientError(err_msg, 'Could not find you') except Exception as e: print("exception is " + str(e)) module.fail_json_aws(e, msg="Fake failure for testing boto exception messages") assert(len(fail_json_double.mock_calls) > 0), "failed to call fail_json when should have" assert(len(fail_json_double.mock_calls) < 2), "called fail_json multiple times" assert("test_botocore_exception_without_response_reports_nicely_via_fail_json_aws" in fail_json_double.mock_calls[0][2]["exception"]), \ "exception traceback doesn't include correct function, fail call was actually: " \ + str(fail_json_double.mock_calls[0]) assert("Fake failure for testing boto exception messages" in fail_json_double.mock_calls[0][2]["msg"]), \ "error message doesn't include the local message; was: " \ + str(fail_json_double.mock_calls[0])
def main(): """ Module action handler """ argument_spec = ec2_argument_spec() argument_spec.update(dict( id=dict(), name=dict(), tags=dict(type="dict", default={}), targets=dict(type="list", default=[]) )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, _, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = EFSConnection(module, region, **aws_connect_params) name = module.params.get('name') fs_id = module.params.get('id') tags = module.params.get('tags') targets = module.params.get('targets') file_systems_info = connection.get_file_systems(fs_id, name) if tags: file_systems_info = [item for item in file_systems_info if has_tags(item['tags'], tags)] if targets: targets = [(item, prefix_to_attr(item)) for item in targets] file_systems_info = [item for item in file_systems_info if has_targets(item['mount_targets'], targets)] module.exit_json(changed=False, ansible_facts={'efs': file_systems_info})
def main(): module = AnsibleAWSModule( argument_spec=dict( filters=dict(type='dict', default={}) ), supports_check_mode=True ) module.exit_json(changed=False, addresses=get_eips_details(module))
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( force=dict(required=False, default='no', type='bool'), policy=dict(required=False, default=None, type='json'), name=dict(required=True, type='str'), requester_pays=dict(default='no', type='bool'), s3_url=dict(aliases=['S3_URL'], type='str'), state=dict(default='present', type='str', choices=['present', 'absent']), tags=dict(required=False, default=None, type='dict'), versioning=dict(default=None, type='bool'), ceph=dict(default='no', type='bool') ) ) module = AnsibleAWSModule(argument_spec=argument_spec) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if region in ('us-east-1', '', None): # default to US Standard region location = 'us-east-1' else: # Boto uses symbolic names for locations but region strings will # actually work fine for everything except us-east-1 (US Standard) location = region s3_url = module.params.get('s3_url') ceph = module.params.get('ceph') # allow eucarc environment variables to be used if ansible vars aren't set if not s3_url and 'S3_URL' in os.environ: s3_url = os.environ['S3_URL'] if ceph and not s3_url: module.fail_json(msg='ceph flavour requires s3_url') # Look at s3_url and tweak connection settings # if connecting to Ceph RGW, Walrus or fakes3 if s3_url: for key in ['validate_certs', 'security_token', 'profile_name']: aws_connect_kwargs.pop(key, None) s3_client = get_s3_client(module, aws_connect_kwargs, location, ceph, s3_url) if s3_client is None: # this should never happen module.fail_json(msg='Unknown error, failed to create s3 connection, no information from boto.') state = module.params.get("state") if state == 'present': create_or_update_bucket(s3_client, module, location) elif state == 'absent': destroy_bucket(s3_client, module)
def main(): """ Main entry point. :return dict: ansible facts """ argument_spec = dict( function_name=dict(required=False, default=None, aliases=['function', 'name']), query=dict(required=False, choices=['aliases', 'all', 'config', 'mappings', 'policy', 'versions'], default='all'), event_source_arn=dict(required=False, default=None) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[], required_together=[] ) # validate function_name if present function_name = module.params['function_name'] if function_name: if not re.search(r"^[\w\-:]+$", function_name): module.fail_json( msg='Function name {0} is invalid. Names must contain only alphanumeric characters and hyphens.'.format(function_name) ) if len(function_name) > 64: module.fail_json(msg='Function name "{0}" exceeds 64 character limit'.format(function_name)) try: region, endpoint, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) aws_connect_kwargs.update(dict(region=region, endpoint=endpoint, conn_type='client', resource='lambda' )) client = boto3_conn(module, **aws_connect_kwargs) except ClientError as e: module.fail_json_aws(e, "trying to set up boto connection") this_module = sys.modules[__name__] invocations = dict( aliases='alias_details', all='all_details', config='config_details', mappings='mapping_details', policy='policy_details', versions='version_details', ) this_module_function = getattr(this_module, invocations[module.params['query']]) all_facts = fix_return(this_module_function(client, module)) results = dict(ansible_facts={'lambda_facts': {'function': all_facts}}, changed=False) if module.check_mode: results['msg'] = 'Check mode set but ignored for fact gathering only.' module.exit_json(**results)
def main(): argument_spec = dict( state=dict(type='str', default='present', choices=['present', 'absent']), filters=dict(type='dict', default={}), vpn_gateway_id=dict(type='str'), tags=dict(default={}, type='dict'), connection_type=dict(default='ipsec.1', type='str'), tunnel_options=dict(type='list', default=[]), static_only=dict(default=False, type='bool'), customer_gateway_id=dict(type='str'), vpn_connection_id=dict(type='str'), purge_tags=dict(type='bool', default=False), routes=dict(type='list', default=[]), purge_routes=dict(type='bool', default=False), ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) connection = module.client('ec2') state = module.params.get('state') parameters = dict(module.params) try: if state == 'present': changed, response = ensure_present(connection, parameters, module.check_mode) elif state == 'absent': changed, response = ensure_absent(connection, parameters, module.check_mode) except VPNConnectionException as e: if e.exception: module.fail_json_aws(e.exception, msg=e.msg) else: module.fail_json(msg=e.msg) module.exit_json(changed=changed, **camel_dict_to_snake_dict(response))
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( state=dict(required=True, choices=['present', 'absent']), name=dict(), location=dict(), bandwidth=dict(choices=['1Gbps', '10Gbps']), link_aggregation_group=dict(), connection_id=dict(), forced_update=dict(type='bool', default=False) )) module = AnsibleAWSModule( argument_spec=argument_spec, required_one_of=[('connection_id', 'name')], required_if=[('state', 'present', ('location', 'bandwidth'))] ) connection = module.client('directconnect') state = module.params.get('state') try: connection_id = connection_exists( connection, connection_id=module.params.get('connection_id'), connection_name=module.params.get('name') ) if not connection_id and module.params.get('connection_id'): module.fail_json(msg="The Direct Connect connection {0} does not exist.".format(module.params.get('connection_id'))) if state == 'present': changed, connection_id = ensure_present(connection, connection_id=connection_id, connection_name=module.params.get('name'), location=module.params.get('location'), bandwidth=module.params.get('bandwidth'), lag_id=module.params.get('link_aggregation_group'), forced_update=module.params.get('forced_update')) response = connection_status(connection, connection_id) elif state == 'absent': changed = ensure_absent(connection, connection_id) response = {} except DirectConnectError as e: if e.last_traceback: module.fail_json(msg=e.msg, exception=e.last_traceback, **camel_dict_to_snake_dict(e.exception.response)) else: module.fail_json(msg=e.msg) module.exit_json(changed=changed, **camel_dict_to_snake_dict(response))
def main(): argument_spec = dict( gather_local_disks=dict(type='bool', default=True), gather_tapes=dict(type='bool', default=True), gather_file_shares=dict(type='bool', default=True), gather_volumes=dict(type='bool', default=True) ) module = AnsibleAWSModule(argument_spec=argument_spec) client = module.client('storagegateway') if client is None: # this should never happen module.fail_json(msg='Unknown error, failed to create storagegateway client, no information from boto.') SGWFactsManager(client, module).fetch()
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( vpn_connection_ids=dict(default=[], type='list'), filters=dict(default={}, type='dict') ) ) module = AnsibleAWSModule(argument_spec=argument_spec, mutually_exclusive=[['vpn_connection_ids', 'filters']], supports_check_mode=True) connection = module.client('ec2') list_vpn_connections(connection, module)
def main(): argument_spec = (dict( cross_zone_load_balancing=dict(type='bool'), deletion_protection=dict(type='bool'), listeners=dict(type='list', elements='dict', options=dict(Protocol=dict(type='str', required=True), Port=dict(type='int', required=True), SslPolicy=dict(type='str'), Certificates=dict(type='list'), DefaultActions=dict(type='list', required=True))), name=dict(required=True, type='str'), purge_listeners=dict(default=True, type='bool'), purge_tags=dict(default=True, type='bool'), subnets=dict(type='list'), subnet_mappings=dict(type='list'), scheme=dict(default='internet-facing', choices=['internet-facing', 'internal']), state=dict(choices=['present', 'absent'], type='str'), tags=dict(type='dict'), wait_timeout=dict(type='int'), wait=dict(type='bool'))) module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[['subnets', 'subnet_mappings']]) # Check for subnets or subnet_mappings if state is present state = module.params.get("state") if state == 'present': if module.params.get("subnets") is None and module.params.get( "subnet_mappings") is None: module.fail_json( msg= "'subnets' or 'subnet_mappings' is required when state=present" ) # Quick check of listeners parameters listeners = module.params.get("listeners") if listeners is not None: for listener in listeners: for key in listener.keys(): if key == 'Protocol' and listener[key] != 'TCP': module.fail_json(msg="'Protocol' must be 'TCP'") connection = module.client('elbv2') connection_ec2 = module.client('ec2') elb = NetworkLoadBalancer(connection, connection_ec2, module) if state == 'present': create_or_update_elb(elb) else: delete_elb(elb)
def main(): argument_spec = dict(vpn_connection_ids=dict(default=[], type='list'), filters=dict(default={}, type='dict')) module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[['vpn_connection_ids', 'filters']], supports_check_mode=True) if module._module._name == 'ec2_vpc_vpn_facts': module._module.deprecate( "The 'ec2_vpc_vpn_facts' module has been renamed to 'ec2_vpc_vpn_info'", version='2.13') connection = module.client('ec2') list_vpn_connections(connection, module)
def test_create_aws_module_should_set_up_params(self): m = AnsibleAWSModule(argument_spec=dict( win_string_arg=dict(type='list', default=['win']))) m_noretry_no_customargs = AnsibleAWSModule( auto_retry=False, default_args=False, argument_spec=dict( success_string_arg=dict(type='list', default=['success']))) assert m, "module wasn't true!!" assert m_noretry_no_customargs, "module wasn't true!!" m_params = m.params m_no_defs_params = m_noretry_no_customargs.params assert 'region' in m_params assert 'win' in m_params["win_string_arg"] assert 'success' in m_no_defs_params["success_string_arg"] assert 'aws_secret_key' not in m_no_defs_params
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict(name=dict(required=False), )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='elasticache', region=region, endpoint=ec2_url, **aws_connect_kwargs) module.exit_json( elasticache_clusters=get_elasticache_clusters(client, module, region))
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( zone=dict(required=True), state=dict(default='present', choices=['present', 'absent']), vpc_id=dict(default=None), vpc_region=dict(default=None), comment=dict(default=''), hosted_zone_id=dict())) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) zone_in = module.params.get('zone').lower() state = module.params.get('state').lower() vpc_id = module.params.get('vpc_id') vpc_region = module.params.get('vpc_region') if not zone_in.endswith('.'): zone_in += "." private_zone = bool(vpc_id and vpc_region) client = module.client('route53') zones = find_zones(module, client, zone_in, private_zone) if state == 'present': changed, result = create(module, client, matching_zones=zones) elif state == 'absent': changed, result = delete(module, client, matching_zones=zones) if isinstance(result, dict): module.exit_json(changed=changed, result=result, **result) else: module.exit_json(changed=changed, result=result)
def main(): argument_spec = dict( name=dict(required=True), schedule_expression=dict(), event_pattern=dict(), state=dict(choices=['present', 'disabled', 'absent'], default='present'), description=dict(), role_arn=dict(), targets=dict(type='list', default=[]), ) module = AnsibleAWSModule(argument_spec=argument_spec) rule_data = dict([(rf, module.params.get(rf)) for rf in CloudWatchEventRuleManager.RULE_FIELDS]) targets = module.params.get('targets') state = module.params.get('state') client = module.client('events') cwe_rule = CloudWatchEventRule(module, client=client, **rule_data) cwe_rule_manager = CloudWatchEventRuleManager(cwe_rule, targets) if state == 'present': cwe_rule_manager.ensure_present() elif state == 'disabled': cwe_rule_manager.ensure_disabled() elif state == 'absent': cwe_rule_manager.ensure_absent() else: module.fail_json(msg="Invalid state '{0}' provided".format(state)) module.exit_json(**cwe_rule_manager.fetch_aws_state())
def main(): filters_subspec = dict( country=dict(), field_to_match=dict(choices=['uri', 'query_string', 'header', 'method', 'body']), header=dict(), transformation=dict(choices=['none', 'compress_white_space', 'html_entity_decode', 'lowercase', 'cmd_line', 'url_decode']), position=dict(choices=['exactly', 'starts_with', 'ends_with', 'contains', 'contains_word']), comparison=dict(choices=['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']), target_string=dict(), # Bytes size=dict(type='int'), ip_address=dict(), regex_pattern=dict(), ) argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(required=True), type=dict(required=True, choices=['byte', 'geo', 'ip', 'regex', 'size', 'sql', 'xss']), filters=dict(type='list'), purge_filters=dict(type='bool', default=False), waf_regional=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']), ), ) module = AnsibleAWSModule(argument_spec=argument_spec, required_if=[['state', 'present', ['filters']]]) state = module.params.get('state') region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) resource = 'waf' if not module.params['waf_regional'] else 'waf-regional' client = boto3_conn(module, conn_type='client', resource=resource, region=region, endpoint=ec2_url, **aws_connect_kwargs) condition = Condition(client, module) if state == 'present': (changed, results) = condition.ensure_condition_present() # return a condition agnostic ID for use by aws_waf_rule results['ConditionId'] = results[condition.conditionsetid] else: (changed, results) = condition.ensure_condition_absent() module.exit_json(changed=changed, condition=camel_dict_to_snake_dict(results))
def main(): argument_spec = dict( db_snapshot_identifier=dict(aliases=['snapshot_name']), db_instance_identifier=dict(), db_cluster_identifier=dict(), db_cluster_snapshot_identifier=dict(), snapshot_type=dict(choices=['automated', 'manual', 'shared', 'public']) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[['db_snapshot_identifier', 'db_instance_identifier', 'db_cluster_identifier', 'db_cluster_snapshot_identifier']] ) if module._name == 'rds_snapshot_facts': module.deprecate("The 'rds_snapshot_facts' module has been renamed to 'rds_snapshot_info'", version='2.13') conn = module.client('rds', retry_decorator=AWSRetry.jittered_backoff(retries=10)) results = dict() if not module.params['db_cluster_identifier'] and not module.params['db_cluster_snapshot_identifier']: results['snapshots'] = standalone_snapshot_info(module, conn) if not module.params['db_snapshot_identifier'] and not module.params['db_instance_identifier']: results['cluster_snapshots'] = cluster_snapshot_info(module, conn) module.exit_json(changed=False, **results)
def test_botocore_exception_reports_nicely_via_fail_json_aws(self): basic._ANSIBLE_ARGS = to_bytes( json.dumps({ 'ANSIBLE_MODULE_ARGS': { '_ansible_tmpdir': '/tmp/ansible-abc' } })) module = AnsibleAWSModule(argument_spec=dict( fail_mode=dict(type='list', default=['success']))) fail_json_double = Mock() err_msg = {'Error': {'Code': 'FakeClass.FakeError'}} with patch.object(basic.AnsibleModule, 'fail_json', fail_json_double): try: raise botocore.exceptions.ClientError(err_msg, 'Could not find you') except Exception as e: print("exception is " + str(e)) module.fail_json_aws( e, msg="Fake failure for testing boto exception messages") assert (len(fail_json_double.mock_calls) > 0), "failed to call fail_json when should have" assert (len(fail_json_double.mock_calls) < 2), "called fail_json multiple times when once would do" assert("test_botocore_exception_reports_nicely" in fail_json_double.mock_calls[0][2]["exception"]), \ "exception traceback doesn't include correct function, fail call was actually: " \ + str(fail_json_double.mock_calls[0]) assert("Fake failure for testing boto exception messages:" in fail_json_double.mock_calls[0][2]["msg"]), \ "error message doesn't include the local message; was: " \ + str(fail_json_double.mock_calls[0]) assert("Could not find you" in fail_json_double.mock_calls[0][2]["msg"]), \ "error message doesn't include the botocore exception message; was: " \ + str(fail_json_double.mock_calls[0]) try: fail_json_double.mock_calls[0][2]["error"] except KeyError: raise Exception("error was missing; call was: " + str(fail_json_double.mock_calls[0])) assert("FakeClass.FakeError" == fail_json_double.mock_calls[0][2]["error"]["code"]), \ "Failed to find error/code; was: " + str(fail_json_double.mock_calls[0])
def main(): argument_spec = dict( name=dict(required=True, type='str'), description=dict(required=False), target_arns=dict(type='list', elements='str'), state=dict(default='present', choices=['present', 'absent']), ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, ) client = module.client('apigateway') state = module.params.get('state') try: if state == "present": result = ensure_vpc_link_present(module, client) elif state == 'absent': result = ensure_vpc_link_absent(module, client) except botocore.exceptions.ClientError as e: module.fail_json_aws(e) module.exit_json(**result)
def main(): argument_spec = dict( name=dict(required=True, aliases=['domain_name']), cert_arn=dict(required=False), cert_name=dict(required=False), security_policy=dict(required=False), state=dict(default='present', choices=['present', 'absent']), tags=dict(type='dict'), purge_tags=dict(type='bool', default=False), ) mutually_exclusive = [['cert_arn', 'cert_name']] module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=mutually_exclusive, ) client = module.client('apigateway') state = module.params.get('state') try: if state == "present": result = ensure_domain_name_present(module, client) elif state == 'absent': result = ensure_domain_name_absent(module, client) except botocore.exceptions.ClientError as e: module.fail_json_aws(e) module.exit_json(**result)
def main(): argument_spec = ( dict( state=dict(require=False, type='str', default='present', choices=['present', 'absent']), name=dict(required=True, type='str'), trigger_type=dict(required=False, type='str', choice=['SCHEDULED', 'CONDITIONAL', 'ON_DEMAND']), schedule=dict(required=False, type='str'), actions=dict(required=False, type='list'), ) ) module = AnsibleAWSModule( argument_spec=argument_spec, required_if=[ ('state', 'present', ['trigger_type', 'trigger_type', 'actions']), ('trigger_type', 'SCHEDULED', ['schedule']) ] ) if not HAS_BOTO: module.fail_json(msg='boto3 required for this module, install via pip or your package manager') client = module.client('glue') params = module.params if params.get('state') == 'present': changed = create_or_update_glue_trigger(client, params, module) else: changed = delete_glue_trigger(client, params, module) module.exit_json(changed=changed)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict(az=dict(default=None, required=False), cidr=dict(default=None, required=True), ipv6_cidr=dict(default='', required=False), state=dict(default='present', choices=['present', 'absent']), tags=dict(default={}, required=False, type='dict', aliases=['resource_tags']), vpc_id=dict(default=None, required=True), map_public=dict(default=False, required=False, type='bool'), assign_instances_ipv6=dict(default=False, required=False, type='bool'), wait=dict(type='bool', default=True), wait_timeout=dict(type='int', default=300, required=False), purge_tags=dict(default=True, type='bool'))) required_if = [('assign_instances_ipv6', True, ['ipv6_cidr'])] module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True, required_if=required_if) if module.params.get( 'assign_instances_ipv6') and not module.params.get('ipv6_cidr'): module.fail_json( msg= "assign_instances_ipv6 is True but ipv6_cidr is None or an empty string" ) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) state = module.params.get('state') try: if state == 'present': result = ensure_subnet_present(connection, module) elif state == 'absent': result = ensure_subnet_absent(connection, module) except botocore.exceptions.ClientError as e: module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) module.exit_json(**result)
def main(): argument_spec = dict( name=dict(required=False, type='str'), id=dict(required=False, type='str'), description=dict(required=False, type='str'), value=dict(required=False, type='str'), enabled=dict(required=False, type='bool', default=False), generate_distinct_id=dict(required=False, type='bool', default=False), state=dict(default='present', choices=['present', 'absent']), ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, ) client = module.client('apigateway') state = module.params.get('state') try: if state == "present": result = ensure_api_key_present(module, client) elif state == 'absent': result = ensure_api_key_absent(module, client) except botocore.exceptions.ClientError as e: module.fail_json_aws(e) module.exit_json(**result)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict(names=dict(type='list', default=[]))) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, resource='ec2', conn_type='client', region=region, **aws_connect_params) placement_groups = get_placement_groups_details(connection, module) module.exit_json(changed=False, placement_groups=placement_groups)
def main(): argument_spec = dict(name=dict(required=True, type='str'), rules=dict(type='list'), state=dict(type='str', choices=['present', 'absent'], required=True)) module = AnsibleAWSModule(argument_spec=argument_spec) client = module.client('s3') state = module.params.get("state") if state == 'present': create_or_update_bucket_cors(client, module) elif state == 'absent': destroy_bucket_cors(client, module)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( task_definition=dict(required=True, type='str') )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) ecs = boto3_conn(module, conn_type='client', resource='ecs', region=region, endpoint=ec2_url, **aws_connect_kwargs) try: ecs_td = ecs.describe_task_definition(taskDefinition=module.params['task_definition'])['taskDefinition'] except botocore.exceptions.ClientError: ecs_td = {} module.exit_json(changed=False, **camel_dict_to_snake_dict(ecs_td))
def main(): argument_spec = dict( image_ids=dict(default=[], type='list', aliases=['image_id']), filters=dict(default={}, type='dict'), owners=dict(default=[], type='list', aliases=['owner']), executable_users=dict(default=[], type='list', aliases=['executable_user']), describe_image_attributes=dict(default=False, type='bool') ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._module._name == 'ec2_ami_facts': module._module.deprecate("The 'ec2_ami_facts' module has been renamed to 'ec2_ami_info'", version='2.13', collection_name='ansible.builtin') ec2_client = module.client('ec2') list_ec2_images(ec2_client, module)
def main(): argument_spec = dict(vpc_id=dict(required=True), state=dict(default='present', choices=['present', 'absent']), tags=dict(default=dict(), required=False, type='dict', aliases=['resource_tags'])) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, ) results = dict(changed=False) igw_manager = AnsibleEc2Igw(module=module, results=results) igw_manager.process() module.exit_json(**results)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( source_region=dict(required=True), source_image_id=dict(required=True), name=dict(default='default'), description=dict(default=''), encrypted=dict(type='bool', default=False, required=False), kms_key_id=dict(type='str', required=False), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=600), tags=dict(type='dict')), tag_equality=dict(type='bool', default=False)) module = AnsibleAWSModule(argument_spec=argument_spec) # TODO: Check botocore version ec2 = module.client('ec2') copy_image(module, ec2)
def setup_module_object(): module = AnsibleAWSModule( argument_spec=argument_spec, required_if=required_if, mutually_exclusive=[['old_instance_id', 'source_db_instance_identifier', 'db_snapshot_identifier']], supports_check_mode=True, ) return module
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( state=dict(required=True, choices=['present', 'absent'], type='str'), policy_name=dict(required=True, type='str'), service_namespace=dict(required=True, choices=['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb'], type='str'), resource_id=dict(required=True, type='str'), scalable_dimension=dict(required=True, choices=['ecs:service:DesiredCount', 'ec2:spot-fleet-request:TargetCapacity', 'elasticmapreduce:instancegroup:InstanceCount', 'appstream:fleet:DesiredCapacity', 'dynamodb:table:ReadCapacityUnits', 'dynamodb:table:WriteCapacityUnits', 'dynamodb:index:ReadCapacityUnits', 'dynamodb:index:WriteCapacityUnits' ], type='str'), policy_type=dict(required=True, choices=['StepScaling', 'TargetTrackingScaling'], type='str'), step_scaling_policy_configuration=dict(required=False, type='dict'), target_tracking_scaling_policy_configuration=dict( required=False, type='dict', options=dict( CustomizedMetricSpecification=dict(type='dict'), DisableScaleIn=dict(type='bool'), PredefinedMetricSpecification=dict(type='dict'), ScaleInCooldown=dict(type='int'), ScaleOutCooldown=dict(type='int'), TargetValue=dict(type='float'), ) ), minimum_tasks=dict(required=False, type='int'), maximum_tasks=dict(required=False, type='int'), override_task_capacity=dict(required=False, type=bool) )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) connection = module.client('application-autoscaling') # Remove any target_tracking_scaling_policy_configuration suboptions that are None policy_config_options = [ 'CustomizedMetricSpecification', 'DisableScaleIn', 'PredefinedMetricSpecification', 'ScaleInCooldown', 'ScaleOutCooldown', 'TargetValue' ] if isinstance(module.params['target_tracking_scaling_policy_configuration'], dict): for option in policy_config_options: if module.params['target_tracking_scaling_policy_configuration'][option] is None: module.params['target_tracking_scaling_policy_configuration'].pop(option) if module.params.get("state") == 'present': # A scalable target must be registered prior to creating a scaling policy scalable_target_result = create_scalable_target(connection, module) policy_result = create_scaling_policy(connection, module) # Merge the results of the scalable target creation and policy deletion/creation # There's no risk in overriding values since mutual keys have the same values in our case merged_result = merge_results(scalable_target_result, policy_result) module.exit_json(**merged_result) else: policy_result = delete_scaling_policy(connection, module) module.exit_json(**policy_result)
def main(): """ Main entry point. :return dict: ansible facts """ argument_spec = dict( function_name=dict(required=False, default=None, aliases=['function', 'name']), query=dict(required=False, choices=['aliases', 'all', 'config', 'mappings', 'policy', 'versions'], default='all'), event_source_arn=dict(required=False, default=None) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[], required_together=[] ) # validate function_name if present function_name = module.params['function_name'] if function_name: if not re.search(r"^[\w\-:]+$", function_name): module.fail_json( msg='Function name {0} is invalid. Names must contain only alphanumeric characters and hyphens.'.format(function_name) ) if len(function_name) > 64: module.fail_json(msg='Function name "{0}" exceeds 64 character limit'.format(function_name)) client = module.client('lambda') invocations = dict( aliases='alias_details', all='all_details', config='config_details', mappings='mapping_details', policy='policy_details', versions='version_details', ) this_module_function = globals()[invocations[module.params['query']]] all_facts = fix_return(this_module_function(client, module)) results = dict(function=all_facts, changed=False) if module.check_mode: results['msg'] = 'Check mode set but ignored for fact gathering only.' module.exit_json(**results)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict(deregistration_delay_timeout=dict(type='int'), health_check_protocol=dict( choices=['http', 'https', 'tcp', 'HTTP', 'HTTPS', 'TCP']), health_check_port=dict(), health_check_path=dict(), health_check_interval=dict(type='int'), health_check_timeout=dict(type='int'), healthy_threshold_count=dict(type='int'), modify_targets=dict(default=True, type='bool'), name=dict(required=True), port=dict(type='int'), protocol=dict( choices=['http', 'https', 'tcp', 'HTTP', 'HTTPS', 'TCP']), purge_tags=dict(default=True, type='bool'), stickiness_enabled=dict(type='bool'), stickiness_type=dict(default='lb_cookie'), stickiness_lb_cookie_duration=dict(type='int'), state=dict(required=True, choices=['present', 'absent']), successful_response_codes=dict(), tags=dict(default={}, type='dict'), target_type=dict(default='instance', choices=['instance', 'ip', 'lambda']), targets=dict(type='list'), unhealthy_threshold_count=dict(type='int'), vpc_id=dict(), wait_timeout=dict(type='int', default=200), wait=dict(type='bool', default=False))) module = AnsibleAWSModule( argument_spec=argument_spec, required_if=[ ['target_type', 'instance', ['protocol', 'port', 'vpc_id']], ['target_type', 'ip', ['protocol', 'port', 'vpc_id']], ]) connection = module.client('elbv2') if module.params.get('state') == 'present': create_or_update_target_group(connection, module) else: delete_target_group(connection, module)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( state=dict(choices=['present', 'absent'], default='present'), origin_access_identity_id=dict(), caller_reference=dict(), comment=dict(), )) result = {} e_tag = None changed = False module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False) service_mgr = CloudFrontOriginAccessIdentityServiceManager(module) validation_mgr = CloudFrontOriginAccessIdentityValidationManager(module) state = module.params.get('state') caller_reference = module.params.get('caller_reference') comment = module.params.get('comment') origin_access_identity_id = module.params.get('origin_access_identity_id') if origin_access_identity_id is None and caller_reference is not None: origin_access_identity_id = validation_mgr.validate_origin_access_identity_id_from_caller_reference(caller_reference) e_tag = validation_mgr.validate_etag_from_origin_access_identity_id(origin_access_identity_id) comment = validation_mgr.validate_comment(comment) if state == 'present': if origin_access_identity_id is not None and e_tag is not None: result, changed = service_mgr.update_origin_access_identity(caller_reference, comment, origin_access_identity_id, e_tag) else: result = service_mgr.create_origin_access_identity(caller_reference, comment) changed = True elif(state == 'absent' and origin_access_identity_id is not None and e_tag is not None): result = service_mgr.delete_origin_access_identity(origin_access_identity_id, e_tag) changed = True result.pop('ResponseMetadata', None) module.exit_json(changed=changed, **camel_dict_to_snake_dict(result))
def main(): argument_spec = dict( name=dict(required=True), state=dict(default='present', choices=['present', 'absent']), display_name=dict(), policy=dict(type='dict'), delivery_policy=dict(type='dict'), subscriptions=dict(default=[], type='list'), purge_subscriptions=dict(type='bool', default=True), ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) name = module.params.get('name') state = module.params.get('state') display_name = module.params.get('display_name') policy = module.params.get('policy') delivery_policy = module.params.get('delivery_policy') subscriptions = module.params.get('subscriptions') purge_subscriptions = module.params.get('purge_subscriptions') check_mode = module.check_mode sns_topic = SnsTopicManager(module, name, state, display_name, policy, delivery_policy, subscriptions, purge_subscriptions, check_mode) if state == 'present': changed = sns_topic.ensure_ok() elif state == 'absent': changed = sns_topic.ensure_gone() sns_facts = dict(changed=changed, sns_arn=sns_topic.topic_arn, sns_topic=sns_topic.get_info()) module.exit_json(**sns_facts)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( instance_id=dict(), image_id=dict(), architecture=dict(default='x86_64'), kernel_id=dict(), virtualization_type=dict(default='hvm'), root_device_name=dict(), delete_snapshot=dict(default=False, type='bool'), name=dict(), wait=dict(type='bool', default=False), wait_timeout=dict(default=900, type='int'), description=dict(default=''), no_reboot=dict(default=False, type='bool'), state=dict(default='present'), device_mapping=dict(type='list'), tags=dict(type='dict'), launch_permissions=dict(type='dict'), image_location=dict(), enhanced_networking=dict(type='bool'), billing_products=dict(type='list'), ramdisk_id=dict(), sriov_net_support=dict(), purge_tags=dict(type='bool', default=False) )) module = AnsibleAWSModule( argument_spec=argument_spec, required_if=[ ['state', 'absent', ['image_id']], ] ) # Using a required_one_of=[['name', 'image_id']] overrides the message that should be provided by # the required_if for state=absent, so check manually instead if not any([module.params['image_id'], module.params['name']]): module.fail_json(msg="one of the following is required: name, image_id") try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) except botocore.exceptions.NoRegionError: module.fail_json(msg=("Region must be specified as a parameter in AWS_DEFAULT_REGION environment variable or in boto configuration file.")) if module.params.get('state') == 'absent': deregister_image(module, connection) elif module.params.get('state') == 'present': if module.params.get('image_id'): update_image(module, connection, module.params.get('image_id')) if not module.params.get('instance_id') and not module.params.get('device_mapping'): module.fail_json(msg="The parameters instance_id or device_mapping (register from EBS snapshot) are required for a new image.") create_image(module, connection)
def main(): filters_subspec = dict( country=dict(), field_to_match=dict(choices=['uri', 'query_string', 'header', 'method', 'body']), header=dict(), transformation=dict(choices=['none', 'compress_white_space', 'html_entity_decode', 'lowercase', 'cmd_line', 'url_decode']), position=dict(choices=['exactly', 'starts_with', 'ends_with', 'contains', 'contains_word']), comparison=dict(choices=['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']), target_string=dict(), # Bytes size=dict(type='int'), ip_address=dict(), regex_pattern=dict(), ) argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(required=True), type=dict(required=True, choices=['byte', 'geo', 'ip', 'regex', 'size', 'sql', 'xss']), filters=dict(type='list'), purge_filters=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']), ), ) module = AnsibleAWSModule(argument_spec=argument_spec, required_if=[['state', 'present', ['filters']]]) state = module.params.get('state') region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs) condition = Condition(client, module) if state == 'present': (changed, results) = condition.ensure_condition_present() # return a condition agnostic ID for use by aws_waf_rule results['ConditionId'] = results[condition.conditionsetid] else: (changed, results) = condition.ensure_condition_absent() module.exit_json(changed=changed, condition=camel_dict_to_snake_dict(results))
def main(): """ Module action handler """ argument_spec = ec2_argument_spec() argument_spec.update(dict( name=dict(aliases=['role_name']), path_prefix=dict(), )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[['name', 'path_prefix']]) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_params) module.exit_json(changed=False, iam_roles=describe_iam_roles(module, client))
def main(): argument_spec = dict( users=dict(type='list', default=None, required=True) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True ) iam_connection = module.client('iam') sts_connection = module.client('sts') # compare_current_user(sts_connection, module) (users_changed_data, meta_create_update) = create_or_update_users(iam_connection, module) (users_deleted_data, meta_delete) = compare_users(iam_connection, module) module.exit_json(create_update_changed=users_changed_data, delete_changed=users_deleted_data, iam_users_create_update_data=meta_create_update, iam_users_delete_data=meta_delete)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(required=False), ) ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='waf', region=region, endpoint=ec2_url, **aws_connect_kwargs) web_acls = list_web_acls(client, module) name = module.params['name'] if name: web_acls = [web_acl for web_acl in web_acls if web_acl['Name'] == name] if not web_acls: module.fail_json(msg="WAF named %s not found" % name) module.exit_json(wafs=[get_web_acl(client, module, web_acl['WebACLId']) for web_acl in web_acls])
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( names=dict(type='list', default=[]) ) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True ) region, ec2_url, aws_connect_params = get_aws_connection_info( module, boto3=True) connection = boto3_conn(module, resource='ec2', conn_type='client', region=region, endpoint=ec2_url, **aws_connect_params) placement_groups = get_placement_groups_details(connection, module) module.exit_json(changed=False, placement_groups=placement_groups)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( instance_id=dict(), image_id=dict(), architecture=dict(default='x86_64'), kernel_id=dict(), virtualization_type=dict(default='hvm'), root_device_name=dict(), delete_snapshot=dict(default=False, type='bool'), name=dict(), wait=dict(type='bool', default=False), wait_timeout=dict(default=900, type='int'), description=dict(default=''), no_reboot=dict(default=False, type='bool'), state=dict(default='present'), device_mapping=dict(type='list'), tags=dict(type='dict'), launch_permissions=dict(type='dict'), image_location=dict(), enhanced_networking=dict(type='bool'), billing_products=dict(type='list'), ramdisk_id=dict(), sriov_net_support=dict(), purge_tags=dict(type='bool', default=False) )) module = AnsibleAWSModule( argument_spec=argument_spec, required_if=[ ['state', 'absent', ['image_id']], ] ) # Using a required_one_of=[['name', 'image_id']] overrides the message that should be provided by # the required_if for state=absent, so check manually instead if not any([module.params['image_id'], module.params['name']]): module.fail_json(msg="one of the following is required: name, image_id") try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) except botocore.exceptions.NoRegionError: module.fail_json(msg=("Region must be specified as a parameter in AWS_DEFAULT_REGION environment variable or in boto configuration file.")) if module.params.get('state') == 'absent': deregister_image(module, connection) elif module.params.get('state') == 'present': if module.params.get('image_id'): update_image(module, connection, module.params.get('image_id')) if not module.params.get('instance_id') and not module.params.get('device_mapping'): module.fail_json(msg="The parameters instance_id or device_mapping (register from EBS snapshot) are required for a new image.") create_image(module, connection)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( image_ids=dict(default=[], type='list', aliases=['image_id']), filters=dict(default={}, type='dict'), owners=dict(default=[], type='list', aliases=['owner']), executable_users=dict(default=[], type='list', aliases=['executable_user']), describe_image_attributes=dict(default=False, type='bool') ) ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: ec2_client = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) else: module.fail_json(msg="region must be specified") list_ec2_images(ec2_client, module)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(required=True), schedule_expression=dict(), event_pattern=dict(), state=dict(choices=['present', 'disabled', 'absent'], default='present'), description=dict(), role_arn=dict(), targets=dict(type='list', default=[]), ) ) module = AnsibleAWSModule(argument_spec=argument_spec) rule_data = dict( [(rf, module.params.get(rf)) for rf in CloudWatchEventRuleManager.RULE_FIELDS] ) targets = module.params.get('targets') state = module.params.get('state') cwe_rule = CloudWatchEventRule(module, client=get_cloudwatchevents_client(module), **rule_data) cwe_rule_manager = CloudWatchEventRuleManager(cwe_rule, targets) if state == 'present': cwe_rule_manager.ensure_present() elif state == 'disabled': cwe_rule_manager.ensure_disabled() elif state == 'absent': cwe_rule_manager.ensure_absent() else: module.fail_json(msg="Invalid state '{0}' provided".format(state)) module.exit_json(**cwe_rule_manager.fetch_aws_state())
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( az=dict(default=None, required=False), cidr=dict(default=None, required=True), ipv6_cidr=dict(default='', required=False), state=dict(default='present', choices=['present', 'absent']), tags=dict(default={}, required=False, type='dict', aliases=['resource_tags']), vpc_id=dict(default=None, required=True), map_public=dict(default=False, required=False, type='bool'), assign_instances_ipv6=dict(default=False, required=False, type='bool'), wait=dict(type='bool', default=True), wait_timeout=dict(type='int', default=300, required=False), purge_tags=dict(default=True, type='bool') ) ) required_if = [('assign_instances_ipv6', True, ['ipv6_cidr'])] module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True, required_if=required_if) if module.params.get('assign_instances_ipv6') and not module.params.get('ipv6_cidr'): module.fail_json(msg="assign_instances_ipv6 is True but ipv6_cidr is None or an empty string") if LooseVersion(botocore.__version__) < "1.7.0": module.warn("botocore >= 1.7.0 is required to use wait_timeout for custom wait times") region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) state = module.params.get('state') try: if state == 'present': result = ensure_subnet_present(connection, module) elif state == 'absent': result = ensure_subnet_absent(connection, module) except botocore.exceptions.ClientError as e: module.fail_json_aws(e) module.exit_json(**result)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( lookup=dict(default='tag', choices=['tag', 'id']), propagating_vgw_ids=dict(type='list'), purge_routes=dict(default=True, type='bool'), purge_subnets=dict(default=True, type='bool'), purge_tags=dict(default=False, type='bool'), route_table_id=dict(), routes=dict(default=[], type='list'), state=dict(default='present', choices=['present', 'absent']), subnets=dict(type='list'), tags=dict(type='dict', aliases=['resource_tags']), vpc_id=dict() ) ) module = AnsibleAWSModule(argument_spec=argument_spec, required_if=[['lookup', 'id', ['route_table_id']], ['lookup', 'tag', ['vpc_id']], ['state', 'present', ['vpc_id']]], supports_check_mode=True) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) state = module.params.get('state') if state == 'present': result = ensure_route_table_present(connection, module) elif state == 'absent': result = ensure_route_table_absent(connection, module) module.exit_json(**result)
def main(): module = AnsibleAWSModule( argument_spec={ 'identity': dict(required=True, type='str'), 'state': dict(default='present', choices=['present', 'absent']), 'policy_name': dict(required=True, type='str'), 'policy': dict(type='json', default=None), }, required_if=[['state', 'present', ['policy']]], supports_check_mode=True, ) # SES APIs seem to have a much lower throttling threshold than most of the rest of the AWS APIs. # Docs say 1 call per second. This shouldn't actually be a big problem for normal usage, but # the ansible build runs multiple instances of the test in parallel that's caused throttling # failures so apply a jittered backoff to call SES calls. connection = module.client('ses', retry_decorator=AWSRetry.jittered_backoff()) state = module.params.get("state") if state == 'present': create_or_update_identity_policy(connection, module) else: delete_identity_policy(connection, module)
def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( name=dict(type='str'), state=dict(default='present', choices=['present', 'absent']), strategy=dict(default='cluster', choices=['cluster', 'spread']) ) ) module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True ) region, ec2_url, aws_connect_params = get_aws_connection_info( module, boto3=True) connection = boto3_conn(module, resource='ec2', conn_type='client', region=region, endpoint=ec2_url, **aws_connect_params) state = module.params.get("state") if state == 'present': placement_group = get_placement_group_details(connection, module) if placement_group is None: create_placement_group(connection, module) else: strategy = module.params.get("strategy") if placement_group['strategy'] == strategy: module.exit_json( changed=False, placement_group=placement_group) else: name = module.params.get("name") module.fail_json( msg=("Placement group '{}' exists, can't change strategy" + " from '{}' to '{}'").format( name, placement_group['strategy'], strategy)) elif state == 'absent': placement_group = get_placement_group_details(connection, module) if placement_group is None: module.exit_json(changed=False) else: delete_placement_group(connection, module)
def main(): module = AnsibleAWSModule( argument_spec={}, supports_check_mode=True, ) client = module.client('sts') try: caller_identity = client.get_caller_identity() caller_identity.pop('ResponseMetadata', None) module.exit_json( changed=False, **camel_dict_to_snake_dict(caller_identity) ) except (BotoCoreError, ClientError) as e: module.fail_json_aws(e, msg='Failed to retrieve caller identity')
def main(): argument_spec = dict( zone=dict(required=True), state=dict(default='present', choices=['present', 'absent']), vpc_id=dict(default=None), vpc_region=dict(default=None), comment=dict(default=''), hosted_zone_id=dict(), delegation_set_id=dict(), ) mutually_exclusive = [ ['delegation_set_id', 'vpc_id'], ['delegation_set_id', 'vpc_region'], ] module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True, ) zone_in = module.params.get('zone').lower() state = module.params.get('state').lower() vpc_id = module.params.get('vpc_id') vpc_region = module.params.get('vpc_region') if not zone_in.endswith('.'): zone_in += "." private_zone = bool(vpc_id and vpc_region) client = module.client('route53') zones = find_zones(module, client, zone_in, private_zone) if state == 'present': changed, result = create(module, client, matching_zones=zones) elif state == 'absent': changed, result = delete(module, client, matching_zones=zones) if isinstance(result, dict): module.exit_json(changed=changed, result=result, **result) else: module.exit_json(changed=changed, result=result)
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( state=dict(required=True, choices=['present', 'absent']), id_to_associate=dict(required=True, aliases=['link_aggregation_group_id', 'connection_id']), public=dict(type='bool'), name=dict(), vlan=dict(type='int', default=100), bgp_asn=dict(type='int', default=65000), authentication_key=dict(), amazon_address=dict(), customer_address=dict(), address_type=dict(), cidr=dict(type='list'), virtual_gateway_id=dict(), virtual_interface_id=dict() )) module = AnsibleAWSModule(argument_spec=argument_spec, required_one_of=[['virtual_interface_id', 'name']], required_if=[['state', 'present', ['public']], ['public', False, ['virtual_gateway_id']], ['public', True, ['amazon_address']], ['public', True, ['customer_address']], ['public', True, ['cidr']]]) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='directconnect', region=region, endpoint=ec2_url, **aws_connect_kwargs) try: changed, latest_state = ensure_state(connection, module) except DirectConnectError as e: if e.exception: module.fail_json_aws(exception=e.exception, msg=e.msg) else: module.fail_json(msg=e.msg) module.exit_json(changed=changed, **camel_dict_to_snake_dict(latest_state))
def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( state=dict(required=True, choices=['present', 'absent'], type='str'), policy_name=dict(required=True, type='str'), service_namespace=dict(required=True, choices=['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb'], type='str'), resource_id=dict(required=True, type='str'), scalable_dimension=dict(required=True, choices=['ecs:service:DesiredCount', 'ec2:spot-fleet-request:TargetCapacity', 'elasticmapreduce:instancegroup:InstanceCount', 'appstream:fleet:DesiredCapacity', 'dynamodb:table:ReadCapacityUnits', 'dynamodb:table:WriteCapacityUnits', 'dynamodb:index:ReadCapacityUnits', 'dynamodb:index:WriteCapacityUnits' ], type='str'), policy_type=dict(required=True, choices=['StepScaling', 'TargetTrackingScaling'], type='str'), step_scaling_policy_configuration=dict(required=False, type='dict'), target_tracking_scaling_policy_configuration=dict(required=False, type='dict'), minimum_tasks=dict(required=False, type='int'), maximum_tasks=dict(required=False, type='int'), override_task_capacity=dict(required=False, type=bool) )) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) connection = module.client('application-autoscaling') if module.params.get("state") == 'present': # A scalable target must be registered prior to creating a scaling policy scalable_target_result = create_scalable_target(connection, module) policy_result = create_scaling_policy(connection, module) # Merge the results of the scalable target creation and policy deletion/creation # There's no risk in overriding values since mutual keys have the same values in our case merged_result = merge_results(scalable_target_result, policy_result) module.exit_json(**merged_result) else: policy_result = delete_scaling_policy(connection, module) module.exit_json(**policy_result)