def main():
module = AnsibleAWSModule(
argument_spec={},
supports_check_mode=True,
)
if module._name == 'aws_caller_facts':
module.deprecate("The 'aws_caller_facts' module has been renamed to 'aws_caller_info'", version='2.13')
client = module.client('sts')
try:
caller_info = client.get_caller_identity()
caller_info.pop('ResponseMetadata', None)
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e, msg='Failed to retrieve caller identity')
iam_client = module.client('iam')
try:
# Although a list is returned by list_account_aliases AWS supports maximum one alias per account.
# If an alias is defined it will be returned otherwise a blank string is filled in as account_alias.
# see https://docs.aws.amazon.com/cli/latest/reference/iam/list-account-aliases.html#output
response = iam_client.list_account_aliases()
if response and response['AccountAliases']:
caller_info['account_alias'] = response['AccountAliases'][0]
else:
caller_info['account_alias'] = ''
except (BotoCoreError, ClientError) as e:
# The iam:ListAccountAliases permission is required for this operation to succeed.
# Lacking this permission is handled gracefully by not returning the account_alias.
pass
module.exit_json(
changed=False,
**camel_dict_to_snake_dict(caller_info))
def main():
argument_spec = (dict(catalog_id=dict(type='str'),
connection_properties=dict(type='dict'),
connection_type=dict(type='str',
default='JDBC',
choices=['JDBC', 'SFTP']),
description=dict(type='str'),
match_criteria=dict(type='list'),
name=dict(required=True, type='str'),
security_groups=dict(type='list'),
state=dict(required=True,
choices=['present', 'absent'],
type='str'),
subnet_id=dict(type='str')))
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[('state', 'present',
['connection_properties'])])
connection_glue = module.client('glue')
connection_ec2 = module.client('ec2')
glue_connection = _get_glue_connection(connection_glue, module)
if module.params.get("state") == 'present':
create_or_update_glue_connection(connection_glue, connection_ec2,
module, glue_connection)
else:
delete_glue_connection(connection_glue, module, glue_connection)
def main():
"""
Main entry point.
:return dict: changed, batch_job_queue_action, response
"""
argument_spec = dict(
state=dict(required=False, default='present', choices=['present', 'absent']),
job_queue_name=dict(required=True),
job_queue_state=dict(required=False, default='ENABLED', choices=['ENABLED', 'DISABLED']),
priority=dict(type='int', required=True),
compute_environment_order=dict(type='list', required=True),
)
module = AnsibleAWSModule(
argument_spec=argument_spec,
supports_check_mode=True
)
client = module.client('batch')
validate_params(module)
results = manage_state(module, client)
module.exit_json(**camel_dict_to_snake_dict(results))
def main():
argument_spec = dict(name=dict(required=True),
description=dict(),
source=dict(required=True, type='dict'),
artifacts=dict(required=True, type='dict'),
cache=dict(type='dict'),
environment=dict(type='dict'),
service_role=dict(),
timeout_in_minutes=dict(type='int', default=60),
encryption_key=dict(),
tags=dict(type='list'),
vpc_config=dict(type='dict'),
state=dict(choices=['present', 'absent'],
default='present'))
module = AnsibleAWSModule(argument_spec=argument_spec)
client_conn = module.client('codebuild')
state = module.params.get('state')
changed = False
if state == 'present':
project_result, changed = create_or_update_project(
client=client_conn, params=module.params, module=module)
elif state == 'absent':
project_result, changed = delete_project(client=client_conn,
name=module.params['name'],
module=module)
module.exit_json(changed=changed,
**camel_dict_to_snake_dict(project_result))
def main():
argument_spec = dict(filters=dict(default={}, type='dict'))
module = AnsibleAWSModule(argument_spec=argument_spec)
if module._name == 'aws_az_facts':
module.deprecate(
"The 'aws_az_facts' module has been renamed to 'aws_az_info'",
version='2.14')
connection = module.client('ec2',
retry_decorator=AWSRetry.jittered_backoff())
# Replace filter key underscores with dashes, for compatibility
sanitized_filters = dict((k.replace('_', '-'), v)
for k, v in module.params.get('filters').items())
try:
availability_zones = connection.describe_availability_zones(
Filters=ansible_dict_to_boto3_filter_list(sanitized_filters))
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e, msg="Unable to describe availability zones.")
# Turn the boto3 result into ansible_friendly_snaked_names
snaked_availability_zones = [
camel_dict_to_snake_dict(az)
for az in availability_zones['AvailabilityZones']
]
module.exit_json(availability_zones=snaked_availability_zones)
def main():
argument_spec = dict(
name=dict(type='str', required=True),
state=dict(type='str',
default='present',
choices=['present', 'absent']),
active=dict(type='bool'),
force=dict(type='bool', default=False),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
state = module.params.get('state')
# SES APIs seem to have a much lower throttling threshold than most of the rest of the AWS APIs.
# Docs say 1 call per second. This shouldn't actually be a big problem for normal usage, but
# the ansible build runs multiple instances of the test in parallel that's caused throttling
# failures so apply a jittered backoff to call SES calls.
client = module.client('ses', retry_decorator=AWSRetry.jittered_backoff())
if state == 'absent':
remove_rule_set(client, module)
else:
create_or_update_rule_set(client, module)
def main():
argument_spec = dict(
name=dict(required=True),
schedule_expression=dict(),
event_pattern=dict(),
state=dict(choices=['present', 'disabled', 'absent'],
default='present'),
description=dict(),
role_arn=dict(),
targets=dict(type='list', default=[]),
)
module = AnsibleAWSModule(argument_spec=argument_spec)
rule_data = dict(
[(rf, module.params.get(rf)) for rf in CloudWatchEventRuleManager.RULE_FIELDS]
)
targets = module.params.get('targets')
state = module.params.get('state')
client = module.client('events')
cwe_rule = CloudWatchEventRule(module, client=client, **rule_data)
cwe_rule_manager = CloudWatchEventRuleManager(cwe_rule, targets)
if state == 'present':
cwe_rule_manager.ensure_present()
elif state == 'disabled':
cwe_rule_manager.ensure_disabled()
elif state == 'absent':
cwe_rule_manager.ensure_absent()
else:
module.fail_json(msg="Invalid state '{0}' provided".format(state))
module.exit_json(**cwe_rule_manager.fetch_aws_state())
def main():
argument_spec = dict(iam_type=dict(required=True,
choices=['user', 'group', 'role']),
state=dict(default='present',
choices=['present', 'absent']),
iam_name=dict(required=True),
policy_name=dict(required=True),
policy_document=dict(default=None, required=False),
policy_json=dict(type='json',
default=None,
required=False),
skip_duplicates=dict(type='bool',
default=None,
required=False))
mutually_exclusive = [['policy_document', 'policy_json']]
module = AnsibleAWSModule(argument_spec=argument_spec,
mutually_exclusive=mutually_exclusive,
supports_check_mode=True)
skip_duplicates = module.params.get('skip_duplicates')
if (skip_duplicates is None):
module.deprecate(
'The skip_duplicates behaviour has caused confusion and'
' will be disabled by default in Ansible 2.14',
version='2.14')
skip_duplicates = True
if module.params.get('policy_document'):
module.deprecate(
'The policy_document option has been deprecated and'
' will be removed in Ansible 2.14',
version='2.14')
args = dict(
client=module.client('iam'),
name=module.params.get('iam_name'),
policy_name=module.params.get('policy_name'),
policy_document=module.params.get('policy_document'),
policy_json=module.params.get('policy_json'),
skip_duplicates=skip_duplicates,
state=module.params.get('state'),
check_mode=module.check_mode,
)
iam_type = module.params.get('iam_type')
try:
if iam_type == 'user':
policy = UserPolicy(**args)
elif iam_type == 'role':
policy = RolePolicy(**args)
elif iam_type == 'group':
policy = GroupPolicy(**args)
module.exit_json(**(policy.run()))
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e)
except PolicyError as e:
module.fail_json(msg=str(e))
def main():
module = AnsibleAWSModule(
argument_spec={
'identity': dict(required=True, type='str'),
'state': dict(default='present', choices=['present', 'absent']),
'policy_name': dict(required=True, type='str'),
'policy': dict(type='json', default=None),
},
required_if=[['state', 'present', ['policy']]],
supports_check_mode=True,
)
# SES APIs seem to have a much lower throttling threshold than most of the rest of the AWS APIs.
# Docs say 1 call per second. This shouldn't actually be a big problem for normal usage, but
# the ansible build runs multiple instances of the test in parallel that's caused throttling
# failures so apply a jittered backoff to call SES calls.
connection = module.client('ses',
retry_decorator=AWSRetry.jittered_backoff())
state = module.params.get("state")
if state == 'present':
create_or_update_identity_policy(connection, module)
else:
delete_identity_policy(connection, module)
def main():
argument_spec = dict(
iam_type=dict(required=True, choices=['user', 'group', 'role']),
iam_name=dict(required=True),
policy_name=dict(default=None, required=False),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
args = dict(
client=module.client('iam'),
name=module.params.get('iam_name'),
policy_name=module.params.get('policy_name'),
)
iam_type = module.params.get('iam_type')
try:
if iam_type == 'user':
policy = UserPolicy(**args)
elif iam_type == 'role':
policy = RolePolicy(**args)
elif iam_type == 'group':
policy = GroupPolicy(**args)
module.exit_json(**(policy.run()))
except (BotoCoreError, ClientError) as e:
if e.response['Error']['Code'] == 'NoSuchEntity':
module.exit_json(changed=False, msg=e.response['Error']['Message'])
module.fail_json_aws(e)
except PolicyError as e:
module.fail_json(msg=str(e))
def main():
argument_spec = dict(
autoscaling_group_name=dict(required=True, type='str'),
lifecycle_hook_name=dict(required=True, type='str'),
transition=dict(type='str', choices=['autoscaling:EC2_INSTANCE_TERMINATING', 'autoscaling:EC2_INSTANCE_LAUNCHING']),
role_arn=dict(type='str'),
notification_target_arn=dict(type='str'),
notification_meta_data=dict(type='str'),
heartbeat_timeout=dict(type='int'),
default_result=dict(default='ABANDON', choices=['ABANDON', 'CONTINUE']),
state=dict(default='present', choices=['present', 'absent'])
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['state', 'present', ['transition']]])
state = module.params.get('state')
connection = module.client('autoscaling')
changed = False
if state == 'present':
changed = create_lifecycle_hook(connection, module)
elif state == 'absent':
changed = delete_lifecycle_hook(connection, module)
module.exit_json(changed=changed)
def main():
module = AnsibleAWSModule(
argument_spec=dict(
state=dict(choices=['present', 'absent'], default='present'),
db_snapshot_identifier=dict(aliases=['id', 'snapshot_id'],
required=True),
db_instance_identifier=dict(aliases=['instance_id']),
wait=dict(type='bool', default=False),
wait_timeout=dict(type='int', default=300),
tags=dict(type='dict'),
purge_tags=dict(type='bool', default=True),
),
required_if=[['state', 'present', ['db_instance_identifier']]])
client = module.client('rds',
retry_decorator=AWSRetry.jittered_backoff(
retries=10,
catch_extra_error_codes=['DBSnapshotNotFound']))
if module.params['state'] == 'absent':
ret_dict = ensure_snapshot_absent(client, module)
else:
ret_dict = ensure_snapshot_present(client, module)
module.exit_json(**ret_dict)
def main():
module = AnsibleAWSModule(
argument_spec={
'state':
dict(type='str', choices=['present', 'absent'], default='present'),
'authorized_account_id':
dict(type='str', required=True),
'authorized_aws_region':
dict(type='str', required=True),
},
supports_check_mode=False,
)
result = {'changed': False}
params = {
'AuthorizedAccountId': module.params.get('authorized_account_id'),
'AuthorizedAwsRegion': module.params.get('authorized_aws_region'),
}
client = module.client('config',
retry_decorator=AWSRetry.jittered_backoff())
resource_status = resource_exists(client, module, params)
if module.params.get('state') == 'present':
if not resource_status:
create_resource(client, module, params, result)
else:
update_resource(client, module, params, result)
if module.params.get('state') == 'absent':
if resource_status:
delete_resource(client, module, params, result)
module.exit_json(changed=result['changed'])
def main():
argument_spec = dict(
name=dict(required=True),
managed_policies=dict(default=[],
type='list',
aliases=['managed_policy']),
users=dict(default=[], type='list'),
state=dict(choices=['present', 'absent'], required=True),
purge_users=dict(default=False, type='bool'),
purge_policies=dict(default=False,
type='bool',
aliases=['purge_policy',
'purge_managed_policies']))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
connection = module.client('iam')
state = module.params.get("state")
if state == 'present':
create_or_update_group(connection, module)
else:
destroy_group(connection, module)
def main():
argument_spec = dict(name=dict(required=True),
key_material=dict(),
force=dict(type='bool', default=True),
state=dict(default='present',
choices=['present', 'absent']),
wait=dict(type='bool', removed_in_version='2.14'),
wait_timeout=dict(type='int',
removed_in_version='2.14'))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
ec2_client = module.client('ec2')
name = module.params['name']
state = module.params.get('state')
key_material = module.params.get('key_material')
force = module.params.get('force')
if state == 'absent':
delete_key_pair(module, ec2_client, name)
elif state == 'present':
create_key_pair(module, ec2_client, name, key_material, force)
def main():
argument_spec = dict(
lookup=dict(default='tag', choices=['tag', 'id']),
propagating_vgw_ids=dict(type='list'),
purge_routes=dict(default=True, type='bool'),
purge_subnets=dict(default=True, type='bool'),
purge_tags=dict(default=False, type='bool'),
route_table_id=dict(),
routes=dict(default=[], type='list'),
state=dict(default='present', choices=['present', 'absent']),
subnets=dict(type='list'),
tags=dict(type='dict', aliases=['resource_tags']),
vpc_id=dict()
)
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[['lookup', 'id', ['route_table_id']],
['lookup', 'tag', ['vpc_id']],
['state', 'present', ['vpc_id']]],
supports_check_mode=True)
connection = module.client('ec2')
state = module.params.get('state')
if state == 'present':
result = ensure_route_table_present(connection, module)
elif state == 'absent':
result = ensure_route_table_absent(connection, module)
module.exit_json(**result)
def main():
argument_spec = dict(
name=dict(required=True, type='str'),
metric=dict(type='str'),
namespace=dict(type='str'),
statistic=dict(type='str', choices=['SampleCount', 'Average', 'Sum', 'Minimum', 'Maximum']),
comparison=dict(type='str', choices=['LessThanOrEqualToThreshold', 'LessThanThreshold', 'GreaterThanThreshold',
'GreaterThanOrEqualToThreshold', '<=', '<', '>', '>=']),
threshold=dict(type='float'),
period=dict(type='int'),
unit=dict(type='str', choices=['Seconds', 'Microseconds', 'Milliseconds', 'Bytes', 'Kilobytes', 'Megabytes', 'Gigabytes',
'Terabytes', 'Bits', 'Kilobits', 'Megabits', 'Gigabits', 'Terabits', 'Percent', 'Count',
'Bytes/Second', 'Kilobytes/Second', 'Megabytes/Second', 'Gigabytes/Second',
'Terabytes/Second', 'Bits/Second', 'Kilobits/Second', 'Megabits/Second', 'Gigabits/Second',
'Terabits/Second', 'Count/Second', 'None']),
evaluation_periods=dict(type='int'),
description=dict(type='str'),
dimensions=dict(type='dict', default={}),
alarm_actions=dict(type='list', default=[]),
insufficient_data_actions=dict(type='list', default=[]),
ok_actions=dict(type='list', default=[]),
treat_missing_data=dict(type='str', choices=['breaching', 'notBreaching', 'ignore', 'missing'], default='missing'),
state=dict(default='present', choices=['present', 'absent']),
)
module = AnsibleAWSModule(argument_spec=argument_spec)
state = module.params.get('state')
connection = module.client('cloudwatch')
if state == 'present':
create_metric_alarm(connection, module)
elif state == 'absent':
delete_metric_alarm(connection, module)
def main():
module_args = dict(
action=dict(choices=['start', 'stop'], default='start'),
name=dict(type='str'),
execution_input=dict(type='json', default={}),
state_machine_arn=dict(type='str'),
cause=dict(type='str', default=''),
error=dict(type='str', default=''),
execution_arn=dict(type='str')
)
module = AnsibleAWSModule(
argument_spec=module_args,
required_if=[('action', 'start', ['name', 'state_machine_arn']),
('action', 'stop', ['execution_arn']),
],
supports_check_mode=True
)
sfn_client = module.client('stepfunctions')
action = module.params.get('action')
if action == "start":
start_execution(module, sfn_client)
else:
stop_execution(module, sfn_client)
def main():
argument_spec = dict(image_ids=dict(default=[],
type='list',
aliases=['image_id']),
filters=dict(default={}, type='dict'),
owners=dict(default=[],
type='list',
aliases=['owner']),
executable_users=dict(default=[],
type='list',
aliases=['executable_user']),
describe_image_attributes=dict(default=False,
type='bool'))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True)
if module._module._name == 'ec2_ami_facts':
module._module.deprecate(
"The 'ec2_ami_facts' module has been renamed to 'ec2_ami_info'",
version='2.13')
ec2_client = module.client('ec2')
list_ec2_images(ec2_client, module)
def main():
argument_spec = dict(
state=dict(type='str', default='present', choices=['present', 'absent']),
name=dict(type='str', required=True),
queue_type=dict(type='str', default='standard', choices=['standard', 'fifo']),
delay_seconds=dict(type='int', aliases=['delivery_delay']),
maximum_message_size=dict(type='int'),
message_retention_period=dict(type='int'),
policy=dict(type='dict'),
receive_message_wait_time_seconds=dict(type='int', aliases=['receive_message_wait_time']),
redrive_policy=dict(type='dict'),
visibility_timeout=dict(type='int', aliases=['default_visibility_timeout']),
kms_master_key_id=dict(type='str'),
kms_data_key_reuse_period_seconds=dict(type='int', aliases=['kms_data_key_reuse_period']),
content_based_deduplication=dict(type='bool'),
tags=dict(type='dict'),
purge_tags=dict(type='bool', default=False),
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
state = module.params.get('state')
retry_decorator = AWSRetry.jittered_backoff(catch_extra_error_codes=['AWS.SimpleQueueService.NonExistentQueue'])
try:
client = module.client('sqs', retry_decorator=retry_decorator)
if state == 'present':
result = create_or_update_sqs_queue(client, module)
elif state == 'absent':
result = delete_sqs_queue(client, module)
except (BotoCoreError, ClientError, ParamValidationError) as e:
module.fail_json_aws(e, msg='Failed to control sqs queue')
else:
module.exit_json(**result)
def main():
argument_spec = dict(
db_snapshot_identifier=dict(aliases=['snapshot_name']),
db_instance_identifier=dict(),
db_cluster_identifier=dict(),
db_cluster_snapshot_identifier=dict(),
snapshot_type=dict(
choices=['automated', 'manual', 'shared', 'public']))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[[
'db_snapshot_identifier',
'db_instance_identifier',
'db_cluster_identifier',
'db_cluster_snapshot_identifier'
]])
if module._name == 'rds_snapshot_facts':
module.deprecate(
"The 'rds_snapshot_facts' module has been renamed to 'rds_snapshot_info'",
version='2.13')
conn = module.client('rds',
retry_decorator=AWSRetry.jittered_backoff(retries=10))
results = dict()
if not module.params['db_cluster_identifier'] and not module.params[
'db_cluster_snapshot_identifier']:
results['snapshots'] = standalone_snapshot_info(module, conn)
if not module.params['db_snapshot_identifier'] and not module.params[
'db_instance_identifier']:
results['cluster_snapshots'] = cluster_snapshot_info(module, conn)
module.exit_json(changed=False, **results)
def main():
argument_spec = (dict(allocated_capacity=dict(type='int'),
command_name=dict(type='str', default='glueetl'),
command_script_location=dict(type='str'),
connections=dict(type='list'),
default_arguments=dict(type='dict'),
description=dict(type='str'),
max_concurrent_runs=dict(type='int'),
max_retries=dict(type='int'),
name=dict(required=True, type='str'),
role=dict(type='str'),
state=dict(required=True,
choices=['present', 'absent'],
type='str'),
timeout=dict(type='int')))
module = AnsibleAWSModule(argument_spec=argument_spec,
required_if=[
('state', 'present',
['role', 'command_script_location'])
])
connection = module.client('glue')
state = module.params.get("state")
glue_job = _get_glue_job(connection, module, module.params.get("name"))
if state == 'present':
create_or_update_glue_job(connection, module, glue_job)
else:
delete_glue_job(connection, module, glue_job)
def main():
argument_spec = dict(
vpc_id=dict(),
name=dict(),
nacl_id=dict(),
subnets=dict(required=False, type='list', default=list()),
tags=dict(required=False, type='dict'),
ingress=dict(required=False, type='list', default=list()),
egress=dict(required=False, type='list', default=list()),
state=dict(default='present', choices=['present', 'absent']),
)
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=[['name', 'nacl_id']],
required_if=[['state', 'present', ['vpc_id']]])
state = module.params.get('state').lower()
client = module.client('ec2')
invocations = {
"present": setup_network_acl,
"absent": remove_network_acl
}
(changed, results) = invocations[state](client, module)
module.exit_json(changed=changed, nacl_id=results)
def main():
argument_spec = dict(
resource=dict(required=True),
tags=dict(type='dict'),
purge_tags=dict(type='bool', default=False),
state=dict(default='present', choices=['present', 'absent', 'list']),
)
required_if = [('state', 'present', ['tags']), ('state', 'absent', ['tags'])]
module = AnsibleAWSModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True)
resource = module.params['resource']
tags = module.params['tags']
state = module.params['state']
purge_tags = module.params['purge_tags']
result = {'changed': False}
ec2 = module.client('ec2')
current_tags = get_tags(ec2, module, resource)
if state == 'list':
module.deprecate(
'Using the "list" state has been deprecated. Please use the ec2_tag_info module instead', version='2.14')
module.exit_json(changed=False, tags=current_tags)
add_tags, remove = compare_aws_tags(current_tags, tags, purge_tags=purge_tags)
remove_tags = {}
if state == 'absent':
for key in tags:
if key in current_tags and (tags[key] is None or current_tags[key] == tags[key]):
remove_tags[key] = current_tags[key]
for key in remove:
remove_tags[key] = current_tags[key]
if remove_tags:
result['changed'] = True
result['removed_tags'] = remove_tags
if not module.check_mode:
try:
AWSRetry.jittered_backoff()(ec2.delete_tags)(Resources=[resource], Tags=ansible_dict_to_boto3_tag_list(remove_tags))
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e, msg='Failed to remove tags {0} from resource {1}'.format(remove_tags, resource))
if state == 'present' and add_tags:
result['changed'] = True
result['added_tags'] = add_tags
current_tags.update(add_tags)
if not module.check_mode:
try:
AWSRetry.jittered_backoff()(ec2.create_tags)(Resources=[resource], Tags=ansible_dict_to_boto3_tag_list(add_tags))
except (BotoCoreError, ClientError) as e:
module.fail_json_aws(e, msg='Failed to set tags {0} on resource {1}'.format(add_tags, resource))
result['tags'] = get_tags(ec2, module, resource)
module.exit_json(**result)
def main():
module = AnsibleAWSModule(
argument_spec={
'name':
dict(type='str', required=True),
'state':
dict(type='str', choices=['present', 'absent'], default='present'),
's3_bucket':
dict(type='str', required=True),
's3_prefix':
dict(type='str'),
'sns_topic_arn':
dict(type='str'),
'delivery_frequency':
dict(type='str',
choices=[
'One_Hour', 'Three_Hours', 'Six_Hours', 'Twelve_Hours',
'TwentyFour_Hours'
]),
},
supports_check_mode=False,
)
result = {'changed': False}
name = module.params.get('name')
state = module.params.get('state')
params = {}
if name:
params['name'] = name
if module.params.get('s3_bucket'):
params['s3BucketName'] = module.params.get('s3_bucket')
if module.params.get('s3_prefix'):
params['s3KeyPrefix'] = module.params.get('s3_prefix')
if module.params.get('sns_topic_arn'):
params['snsTopicARN'] = module.params.get('sns_topic_arn')
if module.params.get('delivery_frequency'):
params['configSnapshotDeliveryProperties'] = {
'deliveryFrequency': module.params.get('delivery_frequency')
}
client = module.client('config',
retry_decorator=AWSRetry.jittered_backoff())
resource_status = resource_exists(client, module, params)
if state == 'present':
if not resource_status:
create_resource(client, module, params, result)
if resource_status:
update_resource(client, module, params, result)
if state == 'absent':
if resource_status:
delete_resource(client, module, params, result)
module.exit_json(**result)
def main():
argument_spec = dict(
state=dict(type='str', required=True, choices=['present', 'absent']),
policy_name=dict(type='str', required=True),
service_namespace=dict(type='str', required=True, choices=['appstream', 'dynamodb', 'ec2', 'ecs', 'elasticmapreduce']),
resource_id=dict(type='str', required=True),
scalable_dimension=dict(type='str',
required=True,
choices=['ecs:service:DesiredCount',
'ec2:spot-fleet-request:TargetCapacity',
'elasticmapreduce:instancegroup:InstanceCount',
'appstream:fleet:DesiredCapacity',
'dynamodb:table:ReadCapacityUnits',
'dynamodb:table:WriteCapacityUnits',
'dynamodb:index:ReadCapacityUnits',
'dynamodb:index:WriteCapacityUnits']),
policy_type=dict(type='str', required=True, choices=['StepScaling', 'TargetTrackingScaling']),
step_scaling_policy_configuration=dict(type='dict'),
target_tracking_scaling_policy_configuration=dict(
type='dict',
options=dict(
CustomizedMetricSpecification=dict(type='dict'),
DisableScaleIn=dict(type='bool'),
PredefinedMetricSpecification=dict(type='dict'),
ScaleInCooldown=dict(type='int'),
ScaleOutCooldown=dict(type='int'),
TargetValue=dict(type='float'),
)
),
minimum_tasks=dict(type='int'),
maximum_tasks=dict(type='int'),
override_task_capacity=dict(type='bool'),
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
connection = module.client('application-autoscaling')
# Remove any target_tracking_scaling_policy_configuration suboptions that are None
policy_config_options = [
'CustomizedMetricSpecification', 'DisableScaleIn', 'PredefinedMetricSpecification', 'ScaleInCooldown', 'ScaleOutCooldown', 'TargetValue'
]
if isinstance(module.params['target_tracking_scaling_policy_configuration'], dict):
for option in policy_config_options:
if module.params['target_tracking_scaling_policy_configuration'][option] is None:
module.params['target_tracking_scaling_policy_configuration'].pop(option)
if module.params.get("state") == 'present':
# A scalable target must be registered prior to creating a scaling policy
scalable_target_result = create_scalable_target(connection, module)
policy_result = create_scaling_policy(connection, module)
# Merge the results of the scalable target creation and policy deletion/creation
# There's no risk in overriding values since mutual keys have the same values in our case
merged_result = merge_results(scalable_target_result, policy_result)
module.exit_json(**merged_result)
else:
policy_result = delete_scaling_policy(connection, module)
module.exit_json(**policy_result)
def main():
argument_spec = dict(name=dict(), group=dict(), path=dict(default='/'))
module = AnsibleAWSModule(argument_spec=argument_spec,
mutually_exclusive=[['group', 'path']],
supports_check_mode=True)
connection = module.client('iam')
list_iam_users(connection, module)
def main():
"""
Main entry point.
:return dict: ansible facts
"""
argument_spec = dict(function_name=dict(required=False,
default=None,
aliases=['function', 'name']),
query=dict(required=False,
choices=[
'aliases', 'all', 'config', 'mappings',
'policy', 'versions'
],
default='all'),
event_source_arn=dict(required=False, default=None))
module = AnsibleAWSModule(argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[],
required_together=[])
# validate function_name if present
function_name = module.params['function_name']
if function_name:
if not re.search(r"^[\w\-:]+$", function_name):
module.fail_json(
msg=
'Function name {0} is invalid. Names must contain only alphanumeric characters and hyphens.'
.format(function_name))
if len(function_name) > 64:
module.fail_json(
msg='Function name "{0}" exceeds 64 character limit'.format(
function_name))
client = module.client('lambda')
invocations = dict(
aliases='alias_details',
all='all_details',
config='config_details',
mappings='mapping_details',
policy='policy_details',
versions='version_details',
)
this_module_function = globals()[invocations[module.params['query']]]
all_facts = fix_return(this_module_function(client, module))
results = dict(function=all_facts, changed=False)
if module.check_mode:
results['msg'] = 'Check mode set but ignored for fact gathering only.'
module.exit_json(**results)
def main():
argument_spec = dict(
alias=dict(aliases=['key_alias']),
policy_mode=dict(aliases=['mode'], choices=['grant', 'deny'], default='grant'),
policy_role_name=dict(aliases=['role_name']),
policy_role_arn=dict(aliases=['role_arn']),
policy_grant_types=dict(aliases=['grant_types'], type='list'),
policy_clean_invalid_entries=dict(aliases=['clean_invalid_entries'], type='bool', default=True),
key_id=dict(aliases=['key_arn']),
description=dict(),
enabled=dict(type='bool', default=True),
tags=dict(type='dict', default={}),
purge_tags=dict(type='bool', default=False),
grants=dict(type='list', default=[]),
policy=dict(),
purge_grants=dict(type='bool', default=False),
state=dict(default='present', choices=['present', 'absent']),
enable_key_rotation=(dict(type='bool'))
)
module = AnsibleAWSModule(
supports_check_mode=True,
argument_spec=argument_spec,
required_one_of=[['alias', 'key_id']],
)
mode = module.params['policy_mode']
kms = module.client('kms')
key_metadata = fetch_key_metadata(kms, module, module.params.get('key_id'), module.params.get('alias'))
# We can't create keys with a specific ID, if we can't access the key we'll have to fail
if module.params.get('state') == 'present' and module.params.get('key_id') and not key_metadata:
module.fail_json(msg="Could not find key with id %s to update")
if module.params.get('policy_grant_types') or mode == 'deny':
module.deprecate('Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile'
' and has been deprecated in favour of the policy option.', version='2.13')
result = update_policy_grants(kms, module, key_metadata, mode)
module.exit_json(**result)
if module.params.get('state') == 'absent':
if key_metadata is None:
module.exit_json(changed=False)
result = delete_key(kms, module, key_metadata)
module.exit_json(**result)
if key_metadata:
key_details = get_key_details(kms, module, key_metadata['Arn'])
result = update_key(kms, module, key_details)
module.exit_json(**result)
result = create_key(kms, module)
module.exit_json(**result)
def main():
argument_spec = dict(
name=dict(required=False),
)
module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True)
if module._name == 'elasticache_facts':
module.deprecate("The 'elasticache_facts' module has been renamed to 'elasticache_info'", version='2.13')
client = module.client('elasticache')
module.exit_json(elasticache_clusters=get_elasticache_clusters(client, module))
