def get_nat_gateways(client, module):
params = dict()
nat_gateways = list()
params['Filter'] = ansible_dict_to_boto3_filter_list(
module.params.get('filters'))
params['NatGatewayIds'] = module.params.get('nat_gateway_ids')
try:
result = normalize_boto3_result(
_describe_nat_gateways(client, module, **params))
except (botocore.exceptions.ClientError,
botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(e, 'Unable to describe NAT gateways.')
for gateway in result:
# Turn the boto3 result into ansible_friendly_snaked_names
converted_gateway = camel_dict_to_snake_dict(gateway)
if 'tags' in converted_gateway:
# Turn the boto3 result into ansible friendly tag dictionary
converted_gateway['tags'] = boto3_tag_list_to_ansible_dict(
converted_gateway['tags'])
nat_gateways.append(converted_gateway)
return nat_gateways
def get_endpoints(client, module, endpoint_id=None):
params = dict()
if endpoint_id:
params['VpcEndpointIds'] = [endpoint_id]
else:
filters = list()
if module.params.get('service'):
filters.append({
'Name': 'service-name',
'Values': [module.params.get('service')]
})
if module.params.get('vpc_id'):
filters.append({
'Name': 'vpc-id',
'Values': [module.params.get('vpc_id')]
})
params['Filters'] = filters
try:
result = client.describe_vpc_endpoints(aws_retry=True, **params)
except (botocore.exceptions.BotoCoreError,
botocore.exceptions.ClientError) as e:
module.fail_json_aws(e, msg="Failed to get endpoints")
# normalize iso datetime fields in result
normalized_result = normalize_boto3_result(result)
return normalized_result
def fetch_rules(client, module, name):
# Get the bucket's current lifecycle rules
try:
current_lifecycle = client.get_bucket_lifecycle_configuration(
aws_retry=True, Bucket=name)
current_lifecycle_rules = normalize_boto3_result(
current_lifecycle['Rules'])
except is_boto3_error_code('NoSuchLifecycleConfiguration'):
current_lifecycle_rules = []
except (botocore.exceptions.ClientError,
botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except
module.fail_json_aws(e)
return current_lifecycle_rules
def get_endpoints(client, module):
results = list()
params = dict()
params['Filters'] = ansible_dict_to_boto3_filter_list(module.params.get('filters'))
if module.params.get('vpc_endpoint_ids'):
params['VpcEndpointIds'] = module.params.get('vpc_endpoint_ids')
try:
results = _describe_endpoints(client, **params)['VpcEndpoints']
results = normalize_boto3_result(results)
except is_boto3_error_code('InvalidVpcEndpointId.NotFound'):
module.exit_json(msg='VpcEndpoint {0} does not exist'.format(module.params.get('vpc_endpoint_ids')), vpc_endpoints=[])
except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: # pylint: disable=duplicate-except
module.fail_json_aws(e, msg="Failed to get endpoints")
return dict(vpc_endpoints=[camel_dict_to_snake_dict(result) for result in results])
def get_vpc_peers(client, module):
params = dict()
params['Filters'] = ansible_dict_to_boto3_filter_list(
module.params.get('filters'))
if module.params.get('peer_connection_ids'):
params['VpcPeeringConnectionIds'] = module.params.get(
'peer_connection_ids')
try:
result = client.describe_vpc_peering_connections(aws_retry=True,
**params)
result = normalize_boto3_result(result)
except (botocore.exceptions.ClientError,
botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(e, msg="Failed to describe peering connections")
return result['VpcPeeringConnections']
def get_access_keys(user):
try:
results = client.list_access_keys(aws_retry=True, UserName=user)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(
e, msg='Failed to get access keys for user "{0}"'.format(user)
)
if not results:
return None
results = camel_dict_to_snake_dict(results)
access_keys = results.get('access_key_metadata', [])
if not access_keys:
return []
access_keys = normalize_boto3_result(access_keys)
access_keys = sorted(access_keys, key=lambda d: d.get('create_date', None))
return access_keys
def create_access_key(access_keys, user, rotate_keys, enabled):
changed = False
oldest_key = False
if len(access_keys) > 1 and rotate_keys:
sorted_keys = sorted(
list(access_keys),
key=lambda k: access_keys[k].get('create_date', None))
oldest_key = sorted_keys[0]
changed |= delete_access_key(access_keys, user, oldest_key)
if module.check_mode:
if changed:
return dict(deleted_access_key=oldest_key)
return True
try:
results = client.create_access_key(aws_retry=True, UserName=user)
except (botocore.exceptions.ClientError,
botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(
e, msg='Failed to create access key for user "{0}"'.format(user))
results = camel_dict_to_snake_dict(results)
access_key = results.get('access_key')
access_key = normalize_boto3_result(access_key)
# Update settings which can't be managed on creation
if enabled is False:
access_key_id = access_key['access_key_id']
access_keys = {access_key_id: access_key}
update_access_key(access_keys, user, access_key_id, enabled)
access_key['status'] = 'Inactive'
if oldest_key:
access_key['deleted_access_key'] = oldest_key
return access_key
def test_normalize_boto3_result(input_params, output_params):
assert normalize_boto3_result(input_params) == output_params