` modules.
+
+
Synopsis
--------
@@ -25,8 +32,10 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- boto >= 2.49.0
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
+- python >= 3.6
Parameters
@@ -93,7 +102,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -112,7 +121,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -145,7 +154,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -182,7 +191,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -330,7 +339,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -364,7 +372,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -460,7 +468,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -473,8 +481,9 @@ Notes
.. note::
- Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually.
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
@@ -585,6 +594,10 @@ Status
------
+- This module will be removed in version 3.0.0. *[deprecated]*
+- For more information see `DEPRECATED`_.
+
+
Authors
~~~~~~~
diff --git a/docs/community.aws.iam_password_policy_module.rst b/docs/community.aws.iam_password_policy_module.rst
index e1bdb8ce9fe..593be87d97f 100644
--- a/docs/community.aws.iam_password_policy_module.rst
+++ b/docs/community.aws.iam_password_policy_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -74,7 +73,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -93,7 +92,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -126,7 +125,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -163,7 +162,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -196,7 +195,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -360,7 +358,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -402,7 +400,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -414,8 +412,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_policy_info_module.rst b/docs/community.aws.iam_policy_info_module.rst
index 6d06db1d93f..1c3361febd1 100644
--- a/docs/community.aws.iam_policy_info_module.rst
+++ b/docs/community.aws.iam_policy_info_module.rst
@@ -25,8 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -52,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -141,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -209,7 +210,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -243,7 +243,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -265,7 +265,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -277,8 +277,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_policy_module.rst b/docs/community.aws.iam_policy_module.rst
index f976ac1a4d0..e5fc98f019e 100644
--- a/docs/community.aws.iam_policy_module.rst
+++ b/docs/community.aws.iam_policy_module.rst
@@ -26,8 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -142,7 +143,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -245,7 +246,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -279,7 +279,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -340,7 +340,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -352,8 +352,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_role_info_module.rst b/docs/community.aws.iam_role_info_module.rst
index 2e3abc9fe1e..d7de4a0837d 100644
--- a/docs/community.aws.iam_role_info_module.rst
+++ b/docs/community.aws.iam_role_info_module.rst
@@ -26,9 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +143,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -192,7 +192,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -226,7 +225,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -248,7 +247,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -260,8 +259,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_role_module.rst b/docs/community.aws.iam_role_module.rst
index e81541d815a..b2f8568bf43 100644
--- a/docs/community.aws.iam_role_module.rst
+++ b/docs/community.aws.iam_role_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -70,7 +69,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -89,7 +88,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -122,7 +121,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -144,7 +143,6 @@ Parameters
Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
This is intended for roles/users that have permissions to create new IAM objects.
- Requires botocore 1.10.57 or above.
aliases: boundary_policy_arn
|
@@ -233,7 +231,7 @@ Parameters
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -316,7 +314,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -390,7 +387,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -428,7 +425,6 @@ Parameters
|
Tag dict to apply to the queue.
- Requires botocore 1.12.46 or above.
|
@@ -447,7 +443,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -459,8 +455,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_saml_federation_module.rst b/docs/community.aws.iam_saml_federation_module.rst
index 3e9ac69b646..785b1509c4b 100644
--- a/docs/community.aws.iam_saml_federation_module.rst
+++ b/docs/community.aws.iam_saml_federation_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -142,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -174,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -223,7 +222,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -264,7 +263,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -276,8 +275,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_server_certificate_info_module.rst b/docs/community.aws.iam_server_certificate_info_module.rst
index c41d2407cb4..1f81ea21f74 100644
--- a/docs/community.aws.iam_server_certificate_info_module.rst
+++ b/docs/community.aws.iam_server_certificate_info_module.rst
@@ -26,10 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -55,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -74,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -107,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -144,7 +143,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -175,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -209,7 +207,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -231,7 +229,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -243,8 +241,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_user_info_module.rst b/docs/community.aws.iam_user_info_module.rst
index f33064c0dd6..1ad22f8cc81 100644
--- a/docs/community.aws.iam_user_info_module.rst
+++ b/docs/community.aws.iam_user_info_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -206,7 +205,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -240,7 +238,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -262,7 +260,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -274,8 +272,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.iam_user_module.rst b/docs/community.aws.iam_user_module.rst
index de70f8358d3..806451fa983 100644
--- a/docs/community.aws.iam_user_module.rst
+++ b/docs/community.aws.iam_user_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -193,7 +192,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -247,7 +245,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -289,7 +287,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -301,8 +299,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.kinesis_stream_module.rst b/docs/community.aws.kinesis_stream_module.rst
index 27b71b0b487..51ed5640cb0 100644
--- a/docs/community.aws.kinesis_stream_module.rst
+++ b/docs/community.aws.kinesis_stream_module.rst
@@ -28,9 +28,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -56,7 +56,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -75,7 +75,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -108,7 +108,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -145,7 +145,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -231,7 +231,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -283,7 +282,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -356,7 +355,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -403,8 +402,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_alias_module.rst b/docs/community.aws.lambda_alias_module.rst
index c50bf63db31..6d0acd53328 100644
--- a/docs/community.aws.lambda_alias_module.rst
+++ b/docs/community.aws.lambda_alias_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -157,7 +157,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -222,7 +222,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -256,7 +255,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -297,7 +296,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -309,8 +308,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_event_module.rst b/docs/community.aws.lambda_event_module.rst
index 9d10ac318e9..14c0f6d008c 100644
--- a/docs/community.aws.lambda_event_module.rst
+++ b/docs/community.aws.lambda_event_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -69,7 +69,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -88,7 +88,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -121,7 +121,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -158,7 +158,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -212,7 +212,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -246,7 +245,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -380,7 +379,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -408,8 +407,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_facts_module.rst b/docs/community.aws.lambda_facts_module.rst
index 369bd9399be..417f3d17179 100644
--- a/docs/community.aws.lambda_facts_module.rst
+++ b/docs/community.aws.lambda_facts_module.rst
@@ -32,9 +32,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -60,7 +60,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -79,7 +79,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -112,7 +112,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -149,7 +149,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -196,7 +196,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -253,7 +252,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -275,7 +274,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -287,8 +286,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_info_module.rst b/docs/community.aws.lambda_info_module.rst
index ce265e7087d..2f08ea7159b 100644
--- a/docs/community.aws.lambda_info_module.rst
+++ b/docs/community.aws.lambda_info_module.rst
@@ -26,9 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +143,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -190,7 +190,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -247,7 +246,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -269,7 +268,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -281,8 +280,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_module.rst b/docs/community.aws.lambda_module.rst
index 7368c05fed4..682891507e9 100644
--- a/docs/community.aws.lambda_module.rst
+++ b/docs/community.aws.lambda_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -172,7 +172,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -250,7 +250,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -366,7 +365,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -403,7 +402,7 @@ Parameters
|
|
- tag dict to apply to the function (requires botocore 1.5.40 or above).
+ Tag dict to apply to the function.
|
@@ -457,7 +456,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -521,8 +520,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lambda_policy_module.rst b/docs/community.aws.lambda_policy_module.rst
index 6b9fdbf943b..ca1dd8a9309 100644
--- a/docs/community.aws.lambda_policy_module.rst
+++ b/docs/community.aws.lambda_policy_module.rst
@@ -27,9 +27,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -86,7 +86,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -105,7 +105,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -138,7 +138,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -175,7 +175,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -243,7 +243,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -277,7 +276,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -365,7 +364,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -392,8 +391,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.lightsail_module.rst b/docs/community.aws.lightsail_module.rst
index 5ff6b603b43..441529b5378 100644
--- a/docs/community.aws.lightsail_module.rst
+++ b/docs/community.aws.lightsail_module.rst
@@ -26,9 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +54,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -175,7 +175,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -223,7 +223,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -257,7 +256,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -318,7 +317,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -383,8 +382,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_instance_info_module.rst b/docs/community.aws.rds_instance_info_module.rst
index 3e199320cb1..530ac744f26 100644
--- a/docs/community.aws.rds_instance_info_module.rst
+++ b/docs/community.aws.rds_instance_info_module.rst
@@ -26,10 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
-- python >= 2.7
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -55,7 +54,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -74,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -107,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -160,7 +159,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -191,7 +190,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -225,7 +223,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -247,7 +245,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -259,8 +257,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst
index e679974045b..2bb3a389893 100644
--- a/docs/community.aws.rds_instance_module.rst
+++ b/docs/community.aws.rds_instance_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3 >= 1.5.0
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -142,7 +141,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -161,7 +160,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -194,7 +193,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -473,7 +472,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -928,7 +927,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -1136,7 +1134,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -1403,7 +1401,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -1450,8 +1448,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_module.rst b/docs/community.aws.rds_module.rst
index c3391656668..76da476f977 100644
--- a/docs/community.aws.rds_module.rst
+++ b/docs/community.aws.rds_module.rst
@@ -14,14 +14,20 @@ Version added: 1.0.0
:local:
:depth: 1
+DEPRECATED
+----------
+:Removed in collection release after
+:Why: The rds module is based upon a deprecated version of the AWS SDK.
+:Alternative: Use :ref:`rds_instance `, :ref:`rds_instance_info `, and :ref:`rds_snapshot `.
+
+
Synopsis
--------
- Creates, deletes, or modifies rds resources.
- When creating an instance it can be either a new instance or a read-only replica of an existing instance.
-- This module has a dependency on python-boto >= 2.5 and will soon be deprecated.
- The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0).
-- Please use boto3 based :ref:`community.aws.rds_instance ` instead.
+- Please use the boto3 based :ref:`community.aws.rds_instance ` instead.
@@ -29,8 +35,10 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- python >= 2.6
+- boto >= 2.49.0
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
+- python >= 3.6
Parameters
@@ -76,7 +84,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -95,7 +103,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -128,7 +136,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -293,7 +301,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -542,7 +550,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -609,7 +616,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -751,7 +758,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -836,8 +843,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
@@ -1699,6 +1707,10 @@ Status
------
+- This module will be removed in version 3.0.0. *[deprecated]*
+- For more information see `DEPRECATED`_.
+
+
Authors
~~~~~~~
diff --git a/docs/community.aws.rds_param_group_module.rst b/docs/community.aws.rds_param_group_module.rst
index 9905c5a88d8..9715206d56c 100644
--- a/docs/community.aws.rds_param_group_module.rst
+++ b/docs/community.aws.rds_param_group_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -157,7 +157,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -243,7 +243,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -296,7 +295,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -353,7 +352,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -365,8 +364,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_snapshot_info_module.rst b/docs/community.aws.rds_snapshot_info_module.rst
index 8835ebf4347..7e5c169f9fe 100644
--- a/docs/community.aws.rds_snapshot_info_module.rst
+++ b/docs/community.aws.rds_snapshot_info_module.rst
@@ -27,9 +27,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -55,7 +55,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -74,7 +74,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -107,7 +107,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -209,7 +209,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -225,7 +225,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -259,7 +258,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -303,7 +302,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -315,8 +314,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_snapshot_module.rst b/docs/community.aws.rds_snapshot_module.rst
index 95ec276a159..657b56b7165 100644
--- a/docs/community.aws.rds_snapshot_module.rst
+++ b/docs/community.aws.rds_snapshot_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -175,7 +175,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -191,7 +191,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -244,7 +243,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -300,7 +299,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -347,8 +346,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst
index 3b624ccdb09..2618eb29a14 100644
--- a/docs/community.aws.rds_subnet_group_module.rst
+++ b/docs/community.aws.rds_subnet_group_module.rst
@@ -25,8 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -52,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -157,7 +158,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -189,7 +190,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -223,7 +223,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -282,7 +282,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -294,8 +294,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.redshift_cross_region_snapshots_module.rst b/docs/community.aws.redshift_cross_region_snapshots_module.rst
index f1ad74a43b6..10e633cb2e0 100644
--- a/docs/community.aws.redshift_cross_region_snapshots_module.rst
+++ b/docs/community.aws.redshift_cross_region_snapshots_module.rst
@@ -26,10 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -55,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -74,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -107,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -178,7 +177,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -194,7 +193,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -229,7 +227,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -304,7 +302,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -316,8 +314,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.redshift_info_module.rst b/docs/community.aws.redshift_info_module.rst
index 4d8230f0ea6..6535817f66c 100644
--- a/docs/community.aws.redshift_info_module.rst
+++ b/docs/community.aws.redshift_info_module.rst
@@ -26,9 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -160,7 +160,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -176,7 +176,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -210,7 +209,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -247,7 +246,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -259,8 +258,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.redshift_module.rst b/docs/community.aws.redshift_module.rst
index 27742aa8b82..c5bd313bacc 100644
--- a/docs/community.aws.redshift_module.rst
+++ b/docs/community.aws.redshift_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -105,7 +105,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -124,7 +124,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -157,7 +157,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -318,7 +318,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -531,7 +531,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -604,7 +603,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -680,7 +679,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -745,8 +744,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.redshift_subnet_group_module.rst b/docs/community.aws.redshift_subnet_group_module.rst
index 7f66c0334a7..b007c1e9934 100644
--- a/docs/community.aws.redshift_subnet_group_module.rst
+++ b/docs/community.aws.redshift_subnet_group_module.rst
@@ -25,8 +25,10 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- python >= 2.6
+- boto >= 2.49.0
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
+- python >= 3.6
Parameters
@@ -52,7 +54,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -141,7 +143,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -158,6 +160,7 @@ Parameters
Database subnet group description.
+ Required when state=present.
aliases: description
|
@@ -192,6 +195,7 @@ Parameters
List of subnet IDs that make up the cluster subnet group.
+ Required when state=present.
aliases: subnets
|
@@ -207,7 +211,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -241,7 +244,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -283,7 +286,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -295,8 +298,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.route53_health_check_module.rst b/docs/community.aws.route53_health_check_module.rst
index b4b25fada6b..3d29ebeb929 100644
--- a/docs/community.aws.route53_health_check_module.rst
+++ b/docs/community.aws.route53_health_check_module.rst
@@ -26,8 +26,10 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- boto >= 2.49.0
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
+- python >= 3.6
Parameters
@@ -53,7 +55,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +74,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +107,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -142,7 +144,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -230,7 +232,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -301,7 +302,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -380,7 +381,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -392,8 +393,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.route53_info_module.rst b/docs/community.aws.route53_info_module.rst
index e44d3e25ed0..d81b24597e5 100644
--- a/docs/community.aws.route53_info_module.rst
+++ b/docs/community.aws.route53_info_module.rst
@@ -26,8 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -189,7 +190,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -313,7 +314,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -390,7 +390,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -454,7 +454,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -466,8 +466,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.route53_module.rst b/docs/community.aws.route53_module.rst
index 8c08e3bff64..47e58e06062 100644
--- a/docs/community.aws.route53_module.rst
+++ b/docs/community.aws.route53_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -109,7 +108,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -128,7 +127,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -161,7 +160,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -198,7 +197,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -319,7 +318,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -385,7 +383,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -477,7 +475,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -589,8 +587,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.route53_zone_module.rst b/docs/community.aws.route53_zone_module.rst
index 0af97d45d8f..f80f0e2a9ac 100644
--- a/docs/community.aws.route53_zone_module.rst
+++ b/docs/community.aws.route53_zone_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -174,7 +174,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -206,7 +206,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -240,7 +239,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -281,7 +280,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -339,8 +338,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.s3_bucket_notification_module.rst b/docs/community.aws.s3_bucket_notification_module.rst
index a801b0ded68..0f62c6e343b 100644
--- a/docs/community.aws.s3_bucket_notification_module.rst
+++ b/docs/community.aws.s3_bucket_notification_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -158,7 +158,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -283,7 +283,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -317,7 +316,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -373,7 +372,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -386,8 +385,9 @@ Notes
.. note::
- This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function.
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.s3_lifecycle_module.rst b/docs/community.aws.s3_lifecycle_module.rst
index 6382c26d25c..6a940862780 100644
--- a/docs/community.aws.s3_lifecycle_module.rst
+++ b/docs/community.aws.s3_lifecycle_module.rst
@@ -25,8 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -52,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -141,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -290,7 +291,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -380,7 +380,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -513,7 +513,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -547,8 +547,9 @@ Notes
- If specifying expiration time as days then transition time must also be specified in days.
- If specifying expiration time as a date then transition time must also be specified as a date.
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.s3_logging_module.rst b/docs/community.aws.s3_logging_module.rst
index cba4b51503d..67762810882 100644
--- a/docs/community.aws.s3_logging_module.rst
+++ b/docs/community.aws.s3_logging_module.rst
@@ -25,8 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -52,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -141,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -173,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -207,7 +207,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -279,7 +279,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -291,8 +291,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.s3_metrics_configuration_module.rst b/docs/community.aws.s3_metrics_configuration_module.rst
index 570d88bd6f3..449fd5d9b1f 100644
--- a/docs/community.aws.s3_metrics_configuration_module.rst
+++ b/docs/community.aws.s3_metrics_configuration_module.rst
@@ -25,8 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- python >= 2.6
-- boto
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -52,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -71,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -104,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -157,7 +158,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -220,7 +221,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -254,7 +254,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -295,7 +295,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -310,8 +310,9 @@ Notes
- To request metrics for the entire bucket, create a metrics configuration without a filter
- Metrics configurations are necessary only to enable request metric, bucket-level daily storage metrics are always turned on
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.s3_sync_module.rst b/docs/community.aws.s3_sync_module.rst
index bc674a64e25..348639b2c2e 100644
--- a/docs/community.aws.s3_sync_module.rst
+++ b/docs/community.aws.s3_sync_module.rst
@@ -25,11 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3 >= 1.4.4
-- botocore
-- python >= 2.6
-- python-dateutil
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -55,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -74,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -107,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -195,7 +193,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -360,7 +358,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -409,7 +406,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -457,7 +454,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -469,8 +466,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
@@ -490,6 +488,11 @@ Examples
file_root: roles/s3/files/
storage_class: GLACIER
+ - name: basic individual file upload
+ community.aws.s3_sync:
+ bucket: tedder
+ file_root: roles/s3/files/file_name
+
- name: all the options
community.aws.s3_sync:
bucket: tedder
diff --git a/docs/community.aws.s3_website_module.rst b/docs/community.aws.s3_website_module.rst
index 356cf0315ca..90078b3afc3 100644
--- a/docs/community.aws.s3_website_module.rst
+++ b/docs/community.aws.s3_website_module.rst
@@ -25,9 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -142,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -189,7 +189,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -238,7 +237,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -296,7 +295,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -308,8 +307,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.sns_module.rst b/docs/community.aws.sns_module.rst
index 83d5165b902..177cf3c3452 100644
--- a/docs/community.aws.sns_module.rst
+++ b/docs/community.aws.sns_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -69,7 +68,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -88,7 +87,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -121,7 +120,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -158,7 +157,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -303,7 +302,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -337,7 +335,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -420,7 +418,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -432,8 +430,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.sns_topic_module.rst b/docs/community.aws.sns_topic_module.rst
index 3cf7abcd32f..321a1b958ec 100644
--- a/docs/community.aws.sns_topic_module.rst
+++ b/docs/community.aws.sns_topic_module.rst
@@ -26,8 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -53,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -72,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -105,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -172,7 +173,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -219,7 +220,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -272,7 +272,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -349,6 +349,26 @@ Parameters
|
+
+ |
+
+ topic_type
+
+
+ string
+
+ added in 2.0.0
+ |
+
+ Choices:
+ standard ← - fifo
+
+ |
+
+ The type of topic that should be created. Either Standard for FIFO (first-in, first-out)
+ |
+
|
@@ -365,7 +385,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -377,8 +397,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.sqs_queue_module.rst b/docs/community.aws.sqs_queue_module.rst
index 341f9ca2fc2..e32121739cb 100644
--- a/docs/community.aws.sqs_queue_module.rst
+++ b/docs/community.aws.sqs_queue_module.rst
@@ -26,9 +26,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +54,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +73,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +106,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -179,7 +179,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -287,7 +287,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -391,7 +390,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -428,7 +427,7 @@ Parameters
|
|
- Tag dict to apply to the queue (requires botocore 1.5.40 or above).
+ Tag dict to apply to the queue.
To remove all tags set tags={} and purge_tags=true.
|
@@ -448,7 +447,7 @@ Parameters
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -476,8 +475,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.sts_assume_role_module.rst b/docs/community.aws.sts_assume_role_module.rst
index 16b197c2bce..bfab5056a22 100644
--- a/docs/community.aws.sts_assume_role_module.rst
+++ b/docs/community.aws.sts_assume_role_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -160,7 +159,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -236,7 +235,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -302,7 +300,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -324,7 +322,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -337,8 +335,9 @@ Notes
.. note::
- In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token.
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.sts_session_token_module.rst b/docs/community.aws.sts_session_token_module.rst
index 26dae630d73..0a9b8e9c3a5 100644
--- a/docs/community.aws.sts_session_token_module.rst
+++ b/docs/community.aws.sts_session_token_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -158,7 +157,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -204,7 +203,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -238,7 +236,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -260,7 +258,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -273,8 +271,9 @@ Notes
.. note::
- In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*.
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_ip_set_info_module.rst b/docs/community.aws.wafv2_ip_set_info_module.rst
index 204f6619644..4f654bf6060 100644
--- a/docs/community.aws.wafv2_ip_set_info_module.rst
+++ b/docs/community.aws.wafv2_ip_set_info_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -175,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -229,7 +227,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -251,7 +249,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -263,8 +261,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_ip_set_module.rst b/docs/community.aws.wafv2_ip_set_module.rst
index cd08ee1d1fd..506e1b2e1e2 100644
--- a/docs/community.aws.wafv2_ip_set_module.rst
+++ b/docs/community.aws.wafv2_ip_set_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -72,7 +71,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -91,7 +90,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -124,7 +123,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -176,7 +175,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -228,7 +227,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -301,7 +299,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -359,7 +357,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -371,8 +369,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_resources_info_module.rst b/docs/community.aws.wafv2_resources_info_module.rst
index 3c11ea767b7..934e20ed66a 100644
--- a/docs/community.aws.wafv2_resources_info_module.rst
+++ b/docs/community.aws.wafv2_resources_info_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -175,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -229,7 +227,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -251,7 +249,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -263,8 +261,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_resources_module.rst b/docs/community.aws.wafv2_resources_module.rst
index 5cce8c74359..ab010c46476 100644
--- a/docs/community.aws.wafv2_resources_module.rst
+++ b/docs/community.aws.wafv2_resources_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -70,7 +69,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -89,7 +88,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -122,7 +121,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -159,7 +158,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -190,7 +189,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -243,7 +241,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -285,7 +283,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -297,8 +295,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_rule_group_info_module.rst b/docs/community.aws.wafv2_rule_group_info_module.rst
index 9de423f1e64..9af6fceb5db 100644
--- a/docs/community.aws.wafv2_rule_group_info_module.rst
+++ b/docs/community.aws.wafv2_rule_group_info_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -175,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -229,7 +227,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -271,7 +269,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -283,8 +281,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_rule_group_module.rst b/docs/community.aws.wafv2_rule_group_module.rst
index a158cbb7946..36094e45332 100644
--- a/docs/community.aws.wafv2_rule_group_module.rst
+++ b/docs/community.aws.wafv2_rule_group_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -192,7 +191,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -240,7 +239,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -348,7 +346,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -405,7 +403,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -417,8 +415,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_web_acl_info_module.rst b/docs/community.aws.wafv2_web_acl_info_module.rst
index 0e1c329f840..761b4b9fd2c 100644
--- a/docs/community.aws.wafv2_web_acl_info_module.rst
+++ b/docs/community.aws.wafv2_web_acl_info_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -143,7 +142,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -175,7 +174,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -229,7 +227,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -251,7 +249,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -263,8 +261,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/docs/community.aws.wafv2_web_acl_module.rst b/docs/community.aws.wafv2_web_acl_module.rst
index a23a519e438..32324dcd9b2 100644
--- a/docs/community.aws.wafv2_web_acl_module.rst
+++ b/docs/community.aws.wafv2_web_acl_module.rst
@@ -25,10 +25,9 @@ Requirements
------------
The below requirements are needed on the host that executes this module.
-- boto
-- boto3
-- botocore
-- python >= 2.6
+- python >= 3.6
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
Parameters
@@ -54,7 +53,7 @@ Parameters
|
- AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+ AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_access_key, access_key
@@ -73,7 +72,7 @@ Parameters
|
The location of a CA Bundle to use when validating SSL certificates.
- Only used for boto3 based modules.
+ Not used by boto 2 based modules.
Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
|
@@ -106,7 +105,7 @@ Parameters
|
- AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+ AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
If profile is set this parameter is ignored.
Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: ec2_secret_key, secret_key
@@ -196,7 +195,7 @@ Parameters
|
|
- Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+ URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aliases: aws_endpoint_url, endpoint_url
|
@@ -244,7 +243,6 @@ Parameters
|
- Uses a boto profile. Only works with boto >= 2.24.0.
Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
aliases: aws_profile
@@ -433,7 +431,7 @@ Parameters
|
|
- AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+ AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
If profile is set this parameter is ignored.
Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
aliases: aws_security_token, access_token
@@ -490,7 +488,7 @@ Parameters
|
- When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+ When set to "no", SSL certificates will not be validated for communication with the AWS APIs.
|
@@ -502,8 +500,9 @@ Notes
.. note::
- If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE``
- - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html
- - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file
+ - When no credentials are explicitly provided the AWS SDK (boto3) that Ansible uses will fall back to its configuration files (typically ``~/.aws/credentials``). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
+ - Modules based on the original AWS SDK (boto) may read their default configuration from different files. See https://boto.readthedocs.io/en/latest/boto_config_tut.html for more information.
+ - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be defined in the configuration files.
diff --git a/galaxy.yml b/galaxy.yml
index 92e1c2419b5..52f221bf07a 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -1,6 +1,6 @@
namespace: community
name: aws
-version: 1.5.0
+version: 2.0.0
readme: README.md
authors:
- Ansible (https://github.com/ansible)
@@ -8,7 +8,7 @@ description: null
license_file: COPYING
tags: [community, aws, cloud, amazon]
dependencies:
- amazon.aws: '>=1.5.0'
+ amazon.aws: '>=2.0.0'
repository: https://github.com/ansible-collections/community.aws
documentation: https://github.com/ansible-collections/community.aws/tree/main/docs
homepage: https://github.com/ansible-collections/community.aws
diff --git a/meta/runtime.yml b/meta/runtime.yml
index 7572647d422..c1ca9228a31 100644
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -35,6 +35,7 @@ action_groups:
- elb_target_group_facts
- iam_mfa_device_facts
- iam_role_facts
+ - iam_cert_facts
- iam_server_certificate_facts
- lambda_facts
- rds_instance_facts
@@ -171,6 +172,7 @@ action_groups:
- iam_role
- iam_role_info
- iam_saml_federation
+ - iam_server_certificate
- iam_server_certificate_info
- iam_user
- iam_user_info
@@ -448,7 +450,7 @@ plugin_routing:
deprecation:
removal_date: 2021-12-01
warning_text: >-
- iam_cert_facts was renamed in Ansible 2.9 to iam_cert_info.
+ iam_cert_facts was renamed in Ansible 2.9 to iam_server_certificate_info.
Please update your tasks.
iam_mfa_device_facts:
deprecation:
@@ -462,6 +464,13 @@ plugin_routing:
warning_text: >-
iam_role_facts was renamed in Ansible 2.9 to iam_role_info.
Please update your tasks.
+ iam_cert:
+ redirect: community.aws.iam_server_certificate
+ deprecation:
+ removal_version: 4.0.0
+ warning_text: >-
+ iam_cert has been renamed to iam_server_certificate for consistency.
+ Please update your tasks.
iam_server_certificate_facts:
deprecation:
removal_date: 2021-12-01
diff --git a/plugins/modules/aws_msk_cluster.py b/plugins/modules/aws_msk_cluster.py
index 41f2dd62e44..d6cf35d3ba3 100644
--- a/plugins/modules/aws_msk_cluster.py
+++ b/plugins/modules/aws_msk_cluster.py
@@ -544,7 +544,6 @@ def create_or_update_cluster(client, module):
}
},
"cluster_kafka_version": {
- "botocore_version": "1.16.19",
"current_value": cluster["CurrentBrokerSoftwareInfo"]["KafkaVersion"],
"target_value": module.params.get("version"),
"update_params": {
diff --git a/plugins/modules/aws_msk_config.py b/plugins/modules/aws_msk_config.py
index 6258ae916f6..f1966847422 100644
--- a/plugins/modules/aws_msk_config.py
+++ b/plugins/modules/aws_msk_config.py
@@ -279,9 +279,6 @@ def main():
module = AnsibleAWSModule(argument_spec=module_args, supports_check_mode=True)
- # Support for update_configuration and delete_configuration added in 1.17.48
- module.require_botocore_at_least('1.17.48')
-
client = module.client("kafka", retry_decorator=AWSRetry.jittered_backoff())
if module.params["state"] == "present":
diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py
index 9887a8d373a..80ac6dcec4b 100644
--- a/plugins/modules/cloudfront_distribution.py
+++ b/plugins/modules/cloudfront_distribution.py
@@ -1591,7 +1591,8 @@ def __init__(self, module):
'TLSv1_2016',
'TLSv1.1_2016',
'TLSv1.2_2018',
- 'TLSv1.2_2019'
+ 'TLSv1.2_2019',
+ 'TLSv1.2_2021'
])
self.__valid_viewer_certificate_certificate_sources = set([
'cloudfront',
diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py
index b23c443cac9..7a3add3727a 100644
--- a/plugins/modules/dynamodb_table.py
+++ b/plugins/modules/dynamodb_table.py
@@ -19,8 +19,8 @@
requirements:
- python >= 3.6
- boto >= 2.49.0
-- boto3 >= 1.13.0
-- botocore >= 1.16.0
+- boto3 >= 1.15.0
+- botocore >= 1.18.0
options:
state:
description:
diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py
index adf6f0bda41..927d31551b7 100644
--- a/plugins/modules/ec2_eip.py
+++ b/plugins/modules/ec2_eip.py
@@ -344,10 +344,11 @@ def address_is_associated_with_device(ec2, module, address, device_id, is_instan
def allocate_address(ec2, module, domain, reuse_existing_ip_allowed, check_mode, tag_dict=None, public_ipv4_pool=None):
""" Allocate a new elastic IP address (when needed) and return it """
+ if not domain:
+ domain = 'standard'
+
if reuse_existing_ip_allowed:
filters = []
- if not domain:
- domain = 'standard'
filters.append({'Name': 'domain', "Values": [domain]})
if tag_dict is not None:
diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py
index 44a3e39ae6f..eda678205d0 100644
--- a/plugins/modules/elasticache_subnet_group.py
+++ b/plugins/modules/elasticache_subnet_group.py
@@ -12,34 +12,36 @@
version_added: 1.0.0
short_description: manage ElastiCache subnet groups
description:
- - Creates, modifies, and deletes ElastiCache subnet groups. This module has a dependency on python-boto >= 2.5.
+ - Creates, modifies, and deletes ElastiCache subnet groups.
options:
state:
description:
- Specifies whether the subnet should be present or absent.
- required: true
choices: [ 'present' , 'absent' ]
+ default: 'present'
type: str
name:
description:
- Database subnet group identifier.
+ - This value is automatically converted to lowercase.
required: true
type: str
description:
description:
- - ElastiCache subnet group description. Only set when a new group is added.
+ - ElastiCache subnet group description.
+ - When not provided defaults to I(name) on subnet group creation.
type: str
subnets:
description:
- List of subnet IDs that make up the ElastiCache subnet group.
+ - At least one subnet must be provided when creating an ElastiCache subnet group.
type: list
elements: str
-author: "Tim Mahoney (@timmahoney)"
+author:
+ - "Tim Mahoney (@timmahoney)"
extends_documentation_fragment:
-- amazon.aws.aws
-- amazon.aws.ec2
-requirements:
-- boto >= 2.49.0
+ - amazon.aws.aws
+ - amazon.aws.ec2
'''
EXAMPLES = r'''
@@ -58,87 +60,195 @@
name: norwegian-blue
'''
+RETURN = r'''
+cache_subnet_group:
+ description: Description of the Elasticache Subnet Group.
+ returned: always
+ type: dict
+ contains:
+ arn:
+ description: The Amazon Resource Name (ARN) of the cache subnet group.
+ returned: when the subnet group exists
+ type: str
+ sample: arn:aws:elasticache:us-east-1:012345678901:subnetgroup:norwegian-blue
+ description:
+ description: The description of the cache subnet group.
+ returned: when the cache subnet group exists
+ type: str
+ sample: My Fancy Ex Parrot Subnet Group
+ name:
+ description: The name of the cache subnet group.
+ returned: when the cache subnet group exists
+ type: str
+ sample: norwegian-blue
+ vpc_id:
+ description: The VPC ID of the cache subnet group.
+ returned: when the cache subnet group exists
+ type: str
+ sample: norwegian-blue
+ subnet_ids:
+ description: The IDs of the subnets beloging to the cache subnet group.
+ returned: when the cache subnet group exists
+ type: list
+ elements: str
+ sample:
+ - subnet-aaaaaaaa
+ - subnet-bbbbbbbb
+'''
+
try:
- import boto
- from boto.elasticache import connect_to_region
- from boto.exception import BotoServerError
+ import botocore
except ImportError:
- pass # Handled by HAS_BOTO
+ pass # Handled by AnsibleAWSModule
+
+from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict
-from ansible.module_utils._text import to_native
from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info
+from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry
+
+
+def get_subnet_group(name):
+ try:
+ groups = client.describe_cache_subnet_groups(
+ aws_retry=True,
+ CacheSubnetGroupName=name,
+ )['CacheSubnetGroups']
+ except is_boto3_error_code('CacheSubnetGroupNotFoundFault'):
+ return None
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except
+ module.fail_json_aws(e, msg="Failed to describe subnet group")
+
+ if not groups:
+ return None
+
+ if len(groups) > 1:
+ module.fail_aws(
+ msg="Found multiple matches for subnet group",
+ cache_subnet_groups=camel_dict_to_snake_dict(groups),
+ )
+
+ subnet_group = camel_dict_to_snake_dict(groups[0])
+
+ subnet_group['name'] = subnet_group['cache_subnet_group_name']
+ subnet_group['description'] = subnet_group['cache_subnet_group_description']
+
+ subnet_ids = list(s['subnet_identifier'] for s in subnet_group['subnets'])
+ subnet_group['subnet_ids'] = subnet_ids
+
+ return subnet_group
+
+
+def create_subnet_group(name, description, subnets):
+
+ if not subnets:
+ module.fail_json(msg='At least one subnet must be provided when creating a subnet group')
+
+ if module.check_mode:
+ return True
+
+ try:
+ if not description:
+ description = name
+ client.create_cache_subnet_group(
+ aws_retry=True,
+ CacheSubnetGroupName=name,
+ CacheSubnetGroupDescription=description,
+ SubnetIds=subnets,
+ )
+ return True
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+ module.fail_json_aws(e, msg="Failed to create subnet group")
+
+
+def update_subnet_group(subnet_group, name, description, subnets):
+ update_params = dict()
+ if description and subnet_group['description'] != description:
+ update_params['CacheSubnetGroupDescription'] = description
+ if subnets:
+ old_subnets = set(subnet_group['subnet_ids'])
+ new_subnets = set(subnets)
+ if old_subnets != new_subnets:
+ update_params['SubnetIds'] = list(subnets)
+
+ if not update_params:
+ return False
+
+ if module.check_mode:
+ return True
+
+ try:
+ client.modify_cache_subnet_group(
+ aws_retry=True,
+ CacheSubnetGroupName=name,
+ **update_params,
+ )
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+ module.fail_json_aws(e, msg="Failed to update subnet group")
+
+ return True
+
+
+def delete_subnet_group(name):
+
+ if module.check_mode:
+ return True
+
+ try:
+ client.delete_cache_subnet_group(
+ aws_retry=True,
+ CacheSubnetGroupName=name,
+ )
+ return True
+ except is_boto3_error_code('CacheSubnetGroupNotFoundFault'):
+ # AWS is "eventually consistent", cope with the race conditions where
+ # deletion hadn't completed when we ran describe
+ return False
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except
+ module.fail_json_aws(e, msg="Failed to delete subnet group")
def main():
argument_spec = dict(
- state=dict(required=True, choices=['present', 'absent']),
+ state=dict(default='present', choices=['present', 'absent']),
name=dict(required=True),
description=dict(required=False),
subnets=dict(required=False, type='list', elements='str'),
)
- module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False)
- if not HAS_BOTO:
- module.fail_json(msg='boto required for this module')
-
- state = module.params.get('state')
- group_name = module.params.get('name').lower()
- group_description = module.params.get('description')
- group_subnets = module.params.get('subnets') or {}
+ global module
+ global client
- if state == 'present':
- for required in ['name', 'description', 'subnets']:
- if not module.params.get(required):
- module.fail_json(msg=str("Parameter %s required for state='present'" % required))
- else:
- for not_allowed in ['description', 'subnets']:
- if module.params.get(not_allowed):
- module.fail_json(msg=str("Parameter %s not allowed for state='absent'" % not_allowed))
+ module = AnsibleAWSModule(
+ argument_spec=argument_spec,
+ supports_check_mode=True,
+ )
- # Retrieve any AWS settings from the environment.
- region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module)
+ state = module.params.get('state')
+ name = module.params.get('name').lower()
+ description = module.params.get('description')
+ subnets = module.params.get('subnets')
- if not region:
- module.fail_json(msg=str("Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set."))
+ client = module.client('elasticache', retry_decorator=AWSRetry.jittered_backoff())
- """Get an elasticache connection"""
- try:
- conn = connect_to_region(region_name=region, **aws_connect_kwargs)
- except boto.exception.NoAuthHandlerFound as e:
- module.fail_json(msg=to_native(e))
+ subnet_group = get_subnet_group(name)
+ changed = False
- try:
- changed = False
- exists = False
-
- try:
- matching_groups = conn.describe_cache_subnet_groups(group_name, max_records=100)
- exists = len(matching_groups) > 0
- except BotoServerError as e:
- if e.error_code != 'CacheSubnetGroupNotFoundFault':
- module.fail_json(msg=e.error_message)
-
- if state == 'absent':
- if exists:
- conn.delete_cache_subnet_group(group_name)
- changed = True
- else:
- if not exists:
- new_group = conn.create_cache_subnet_group(group_name, cache_subnet_group_description=group_description, subnet_ids=group_subnets)
- changed = True
- else:
- changed_group = conn.modify_cache_subnet_group(group_name, cache_subnet_group_description=group_description, subnet_ids=group_subnets)
- changed = True
-
- except BotoServerError as e:
- if e.error_message != 'No modifications were requested.':
- module.fail_json(msg=e.error_message)
+ if state == 'present':
+ if not subnet_group:
+ result = create_subnet_group(name, description, subnets)
+ changed |= result
else:
- changed = False
+ result = update_subnet_group(subnet_group, name, description, subnets)
+ changed |= result
+ subnet_group = get_subnet_group(name)
+ else:
+ if subnet_group:
+ result = delete_subnet_group(name)
+ changed |= result
+ subnet_group = None
- module.exit_json(changed=changed)
+ module.exit_json(changed=changed, cache_subnet_group=subnet_group)
if __name__ == '__main__':
diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py
index 45649e7e651..9a740422293 100644
--- a/plugins/modules/elb_target_group.py
+++ b/plugins/modules/elb_target_group.py
@@ -161,6 +161,23 @@
- The identifier of the virtual private cloud (VPC). Required when I(state) is C(present).
required: false
type: str
+ preserve_client_ip_enabled:
+ description:
+ - Indicates whether client IP preservation is enabled.
+ - The default is disabled if the target group type is C(ip) address and the target group protocol is C(tcp) or C(tls).
+ Otherwise, the default is enabled. Client IP preservation cannot be disabled for C(udp) and C(tcp_udp) target groups.
+ - I(preserve_client_ip_enabled) is supported only by Network Load Balancers.
+ type: bool
+ required: false
+ version_added: 2.1.0
+ proxy_protocol_v2_enabled:
+ description:
+ - Indicates whether Proxy Protocol version 2 is enabled.
+ - The value is C(true) or C(false).
+ - I(proxy_protocol_v2_enabled) is supported only by Network Load Balancers.
+ type: bool
+ required: false
+ version_added: 2.1.0
wait:
description:
- Whether or not to wait for the target group.
@@ -474,6 +491,8 @@ def create_or_update_target_group(connection, module):
stickiness_type = module.params.get("stickiness_type")
stickiness_app_cookie_duration = module.params.get("stickiness_app_cookie_duration")
stickiness_app_cookie_name = module.params.get("stickiness_app_cookie_name")
+ preserve_client_ip_enabled = module.params.get("preserve_client_ip_enabled")
+ proxy_protocol_v2_enabled = module.params.get("proxy_protocol_v2_enabled")
health_option_keys = [
"health_check_path", "health_check_protocol", "health_check_interval", "health_check_timeout",
@@ -763,6 +782,13 @@ def create_or_update_target_group(connection, module):
if stickiness_app_cookie_duration is not None:
if str(stickiness_app_cookie_duration) != current_tg_attributes['stickiness_app_cookie_duration_seconds']:
update_attributes.append({'Key': 'stickiness.app_cookie.duration_seconds', 'Value': str(stickiness_app_cookie_duration)})
+ if preserve_client_ip_enabled is not None:
+ if target_type not in ('udp', 'tcp_udp'):
+ if str(preserve_client_ip_enabled).lower() != current_tg_attributes.get('preserve_client_ip_enabled'):
+ update_attributes.append({'Key': 'preserve_client_ip.enabled', 'Value': str(preserve_client_ip_enabled).lower()})
+ if proxy_protocol_v2_enabled is not None:
+ if str(proxy_protocol_v2_enabled).lower() != current_tg_attributes.get('proxy_protocol_v2_enabled'):
+ update_attributes.append({'Key': 'proxy_protocol_v2.enabled', 'Value': str(proxy_protocol_v2_enabled).lower()})
if update_attributes:
try:
@@ -852,6 +878,8 @@ def main():
targets=dict(type='list', elements='dict'),
unhealthy_threshold_count=dict(type='int'),
vpc_id=dict(),
+ preserve_client_ip_enabled=dict(type='bool'),
+ proxy_protocol_v2_enabled=dict(type='bool'),
wait_timeout=dict(type='int', default=200),
wait=dict(type='bool', default=False)
)
diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_server_certificate.py
similarity index 88%
rename from plugins/modules/iam_cert.py
rename to plugins/modules/iam_server_certificate.py
index fbe984670aa..5402b22d126 100644
--- a/plugins/modules/iam_cert.py
+++ b/plugins/modules/iam_server_certificate.py
@@ -20,7 +20,7 @@
DOCUMENTATION = '''
---
-module: iam_cert
+module: iam_server_certificate
version_added: 1.0.0
short_description: Manage server certificates for use on ELBs and CloudFront
description:
@@ -56,17 +56,23 @@
cert_chain:
description:
- The path to, or content of, the CA certificate chain in PEM encoded format.
- As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+ - If the parameter is not a file, it is assumed to be content.
+ - Passing a file name is deprecated, and support will be dropped in
+ version 4.0.0 of this collection.
type: str
cert:
description:
- The path to, or content of the certificate body in PEM encoded format.
- As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+ - If the parameter is not a file, it is assumed to be content.
+ - Passing a file name is deprecated, and support will be dropped in
+ version 4.0.0 of this collection.
type: str
key:
description:
- The path to, or content of the private key in PEM encoded format.
- As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+ If the parameter is not a file, it is assumed to be content.
+ - Passing a file name is deprecated, and support will be dropped in
+ version 4.0.0 of this collection.
type: str
dup_ok:
description:
@@ -85,7 +91,7 @@
EXAMPLES = '''
- name: Basic server certificate upload from local file
- community.aws.iam_cert:
+ community.aws.iam_server_certificate:
name: very_ssl
state: present
cert: "{{ lookup('file', 'path/to/cert') }}"
@@ -93,7 +99,7 @@
cert_chain: "{{ lookup('file', 'path/to/certchain') }}"
- name: Basic server certificate upload
- community.aws.iam_cert:
+ community.aws.iam_server_certificate:
name: very_ssl
state: present
cert: path/to/cert
@@ -101,7 +107,7 @@
cert_chain: path/to/certchain
- name: Server certificate upload using key string
- community.aws.iam_cert:
+ community.aws.iam_server_certificate:
name: very_ssl
state: present
path: "/a/cert/path/"
@@ -110,7 +116,7 @@
cert_chain: body_of_myverytrustedchain
- name: Basic rename of existing certificate
- community.aws.iam_cert:
+ community.aws.iam_server_certificate:
name: very_ssl
new_name: new_very_ssl
state: present
@@ -231,16 +237,31 @@ def load_data(cert, key, cert_chain):
if cert and os.path.isfile(cert):
with open(cert, 'r') as cert_fh:
cert = cert_fh.read().rstrip()
+ module.deprecate(
+ 'Passing a file name as the cert argument has been deprecated. '
+ 'Please use a lookup instead, see the documentation for examples.',
+ version='4.0.0', collection_name='community.aws')
if key and os.path.isfile(key):
with open(key, 'r') as key_fh:
key = key_fh.read().rstrip()
+ module.deprecate(
+ 'Passing a file name as the key argument has been deprecated. '
+ 'Please use a lookup instead, see the documentation for examples.',
+ version='4.0.0', collection_name='community.aws')
if cert_chain and os.path.isfile(cert_chain):
with open(cert_chain, 'r') as cert_chain_fh:
cert_chain = cert_chain_fh.read()
+ module.deprecate(
+ 'Passing a file name as the cert_chain argument has been deprecated. '
+ 'Please use a lookup instead, see the documentation for examples.',
+ version='4.0.0', collection_name='community.aws')
return cert, key, cert_chain
def main():
+
+ global module
+
argument_spec = dict(
state=dict(required=True, choices=['present', 'absent']),
name=dict(required=True),
diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py
index fba7804012a..13609972c17 100644
--- a/plugins/modules/rds_instance_info.py
+++ b/plugins/modules/rds_instance_info.py
@@ -234,6 +234,11 @@
returned: always
type: str
sample: '2017-10-10T04:00:07.434000+00:00'
+ iops:
+ description: The Provisioned IOPS value for the DB instance.
+ returned: always
+ type: int
+ sample: 1000
kms_key_id:
description: KMS Key ID
returned: always
diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py
index fa210a5bee4..89e8bfa8042 100644
--- a/plugins/modules/redshift_subnet_group.py
+++ b/plugins/modules/redshift_subnet_group.py
@@ -9,8 +9,6 @@
DOCUMENTATION = r'''
---
-author:
- - "Jens Carl (@j-carl), Hothead Games Inc."
module: redshift_subnet_group
version_added: 1.0.0
short_description: manage Redshift cluster subnet groups
@@ -19,32 +17,33 @@
options:
state:
description:
- - Specifies whether the subnet should be present or absent.
- required: true
+ - Specifies whether the subnet group should be present or absent.
+ default: 'present'
choices: ['present', 'absent' ]
type: str
- group_name:
+ name:
description:
- Cluster subnet group name.
required: true
- aliases: ['name']
+ aliases: ['group_name']
type: str
- group_description:
+ description:
description:
- - Database subnet group description.
- aliases: ['description']
+ - Cluster subnet group description.
+ aliases: ['group_description']
type: str
- group_subnets:
+ subnets:
description:
- List of subnet IDs that make up the cluster subnet group.
- aliases: ['subnets']
+ - At least one subnet must be provided when creating a cluster subnet group.
+ aliases: ['group_subnets']
type: list
elements: str
extends_documentation_fragment:
- amazon.aws.aws
- amazon.aws.ec2
-requirements:
-- boto >= 2.49.0
+author:
+ - "Jens Carl (@j-carl), Hothead Games Inc."
'''
EXAMPLES = r'''
@@ -64,113 +63,209 @@
'''
RETURN = r'''
-group:
- description: dictionary containing all Redshift subnet group information
+cluster_subnet_group:
+ description: A dictionary containing information about the Redshift subnet group.
returned: success
- type: complex
+ type: dict
contains:
name:
- description: name of the Redshift subnet group
- returned: success
+ description: Name of the Redshift subnet group.
+ returned: when the cache subnet group exists
type: str
sample: "redshift_subnet_group_name"
vpc_id:
- description: Id of the VPC where the subnet is located
- returned: success
+ description: Id of the VPC where the subnet is located.
+ returned: when the cache subnet group exists
type: str
sample: "vpc-aabb1122"
+ description:
+ description: The description of the cache subnet group.
+ returned: when the cache subnet group exists
+ type: str
+ sample: Redshift subnet
+ subnet_ids:
+ description: The IDs of the subnets beloging to the Redshift subnet group.
+ returned: when the cache subnet group exists
+ type: list
+ elements: str
+ sample:
+ - subnet-aaaaaaaa
+ - subnet-bbbbbbbb
'''
try:
- import boto
- import boto.redshift
+ import botocore
except ImportError:
- pass # Handled by HAS_BOTO
+ pass # Handled by AnsibleAWSModule
+
+from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict
from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info
+from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict
+
+
+def get_subnet_group(name):
+ try:
+ groups = client.describe_cluster_subnet_groups(
+ aws_retry=True,
+ ClusterSubnetGroupName=name,
+ )['ClusterSubnetGroups']
+ except is_boto3_error_code('ClusterSubnetGroupNotFoundFault'):
+ return None
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except
+ module.fail_json_aws(e, msg="Failed to describe subnet group")
+
+ if not groups:
+ return None
+
+ if len(groups) > 1:
+ module.fail_aws(
+ msg="Found multiple matches for subnet group",
+ cluster_subnet_groups=camel_dict_to_snake_dict(groups),
+ )
+
+ # No support for managing tags yet, but make sure that we don't need to
+ # change the return value structure after it's been available in a release.
+ tags = boto3_tag_list_to_ansible_dict(groups[0]['Tags'])
+
+ subnet_group = camel_dict_to_snake_dict(groups[0])
+
+ subnet_group['tags'] = tags
+ subnet_group['name'] = subnet_group['cluster_subnet_group_name']
+
+ subnet_ids = list(s['subnet_identifier'] for s in subnet_group['subnets'])
+ subnet_group['subnet_ids'] = subnet_ids
+
+ return subnet_group
+
+
+def create_subnet_group(name, description, subnets):
+
+ if not subnets:
+ module.fail_json(msg='At least one subnet must be provided when creating a subnet group')
+
+ if module.check_mode:
+ return True
+
+ try:
+ if not description:
+ description = name
+ client.create_cluster_subnet_group(
+ aws_retry=True,
+ ClusterSubnetGroupName=name,
+ Description=description,
+ SubnetIds=subnets,
+ )
+ return True
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+ module.fail_json_aws(e, msg="Failed to create subnet group")
+
+
+def update_subnet_group(subnet_group, name, description, subnets):
+ update_params = dict()
+ if description and subnet_group['description'] != description:
+ update_params['Description'] = description
+ if subnets:
+ old_subnets = set(subnet_group['subnet_ids'])
+ new_subnets = set(subnets)
+ if old_subnets != new_subnets:
+ update_params['SubnetIds'] = list(subnets)
+
+ if not update_params:
+ return False
+
+ if module.check_mode:
+ return True
+
+ # Description is optional, SubnetIds is not
+ if 'SubnetIds' not in update_params:
+ update_params['SubnetIds'] = subnet_group['subnet_ids']
+
+ try:
+ client.modify_cluster_subnet_group(
+ aws_retry=True,
+ ClusterSubnetGroupName=name,
+ **update_params,
+ )
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
+ module.fail_json_aws(e, msg="Failed to update subnet group")
+
+ return True
+
+
+def delete_subnet_group(name):
+
+ if module.check_mode:
+ return True
+
+ try:
+ client.delete_cluster_subnet_group(
+ aws_retry=True,
+ ClusterSubnetGroupName=name,
+ )
+ return True
+ except is_boto3_error_code('ClusterSubnetGroupNotFoundFault'):
+ # AWS is "eventually consistent", cope with the race conditions where
+ # deletion hadn't completed when we ran describe
+ return False
+ except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except
+ module.fail_json_aws(e, msg="Failed to delete subnet group")
def main():
argument_spec = dict(
- state=dict(required=True, choices=['present', 'absent']),
- group_name=dict(required=True, aliases=['name']),
- group_description=dict(required=False, aliases=['description']),
- group_subnets=dict(required=False, aliases=['subnets'], type='list', elements='str'),
+ state=dict(default='present', choices=['present', 'absent']),
+ name=dict(required=True, aliases=['group_name']),
+ description=dict(required=False, aliases=['group_description']),
+ subnets=dict(required=False, aliases=['group_subnets'], type='list', elements='str'),
)
- module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False)
- if not HAS_BOTO:
- module.fail_json(msg='boto v2.9.0+ required for this module')
+ global module
+ global client
+
+ module = AnsibleAWSModule(
+ argument_spec=argument_spec,
+ supports_check_mode=True,
+ )
state = module.params.get('state')
- group_name = module.params.get('group_name')
- group_description = module.params.get('group_description')
- group_subnets = module.params.get('group_subnets')
+ name = module.params.get('name')
+ description = module.params.get('description')
+ subnets = module.params.get('subnets')
- if state == 'present':
- for required in ('group_name', 'group_description', 'group_subnets'):
- if not module.params.get(required):
- module.fail_json(msg=str("parameter %s required for state='present'" % required))
- else:
- for not_allowed in ('group_description', 'group_subnets'):
- if module.params.get(not_allowed):
- module.fail_json(msg=str("parameter %s not allowed for state='absent'" % not_allowed))
+ client = module.client('redshift', retry_decorator=AWSRetry.jittered_backoff())
- region, ec2_url, aws_connect_params = get_aws_connection_info(module)
- if not region:
- module.fail_json(msg=str("Region must be specified as a parameter, in EC2_REGION or AWS_REGION environment variables or in boto configuration file"))
+ subnet_group = get_subnet_group(name)
+ changed = False
- # Connect to the Redshift endpoint.
- try:
- conn = connect_to_aws(boto.redshift, region, **aws_connect_params)
- except boto.exception.JSONResponseError as e:
- module.fail_json(msg=str(e))
+ if state == 'present':
+ if not subnet_group:
+ result = create_subnet_group(name, description, subnets)
+ changed |= result
+ else:
+ result = update_subnet_group(subnet_group, name, description, subnets)
+ changed |= result
+ subnet_group = get_subnet_group(name)
+ else:
+ if subnet_group:
+ result = delete_subnet_group(name)
+ changed |= result
+ subnet_group = None
- try:
- changed = False
- exists = False
- group = None
-
- try:
- matching_groups = conn.describe_cluster_subnet_groups(group_name, max_records=100)
- exists = len(matching_groups) > 0
- except boto.exception.JSONResponseError as e:
- if e.body['Error']['Code'] != 'ClusterSubnetGroupNotFoundFault':
- # if e.code != 'ClusterSubnetGroupNotFoundFault':
- module.fail_json(msg=str(e))
-
- if state == 'absent':
- if exists:
- conn.delete_cluster_subnet_group(group_name)
- changed = True
+ compat_results = dict()
+ if subnet_group:
+ compat_results['group'] = dict(
+ name=subnet_group['name'],
+ vpc_id=subnet_group['vpc_id'],
+ )
- else:
- if not exists:
- new_group = conn.create_cluster_subnet_group(group_name, group_description, group_subnets)
- group = {
- 'name': new_group['CreateClusterSubnetGroupResponse']['CreateClusterSubnetGroupResult']
- ['ClusterSubnetGroup']['ClusterSubnetGroupName'],
- 'vpc_id': new_group['CreateClusterSubnetGroupResponse']['CreateClusterSubnetGroupResult']
- ['ClusterSubnetGroup']['VpcId'],
- }
- else:
- changed_group = conn.modify_cluster_subnet_group(group_name, group_subnets, description=group_description)
- group = {
- 'name': changed_group['ModifyClusterSubnetGroupResponse']['ModifyClusterSubnetGroupResult']
- ['ClusterSubnetGroup']['ClusterSubnetGroupName'],
- 'vpc_id': changed_group['ModifyClusterSubnetGroupResponse']['ModifyClusterSubnetGroupResult']
- ['ClusterSubnetGroup']['VpcId'],
- }
-
- changed = True
-
- except boto.exception.JSONResponseError as e:
- module.fail_json(msg=str(e))
-
- module.exit_json(changed=changed, group=group)
+ module.exit_json(
+ changed=changed,
+ cluster_subnet_group=subnet_group,
+ **compat_results,
+ )
if __name__ == '__main__':
diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py
index d1391cfac58..d4fe99531c0 100644
--- a/plugins/modules/route53.py
+++ b/plugins/modules/route53.py
@@ -606,6 +606,7 @@ def main():
'TTL': ttl_in,
'ResourceRecords': [dict(Value=value) for value in value_in],
'HealthCheckId': health_check_in,
+ 'SetIdentifier': identifier_in,
})
if alias_in:
diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py
index dd5af417bab..37cf573ce58 100644
--- a/plugins/modules/sns_topic.py
+++ b/plugins/modules/sns_topic.py
@@ -49,6 +49,73 @@
description:
- Delivery policy to apply to the SNS topic.
type: dict
+ suboptions:
+ http:
+ description:
+ - Delivery policy for HTTP(S) messages.
+ - See U(https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html)
+ for more information.
+ type: dict
+ required: false
+ suboptions:
+ disableSubscriptionOverrides:
+ description:
+ - Applies this policy to all subscriptions, even if they have their own policies.
+ type: bool
+ required: false
+ defaultThrottlePolicy:
+ description:
+ - Throttle the rate of messages sent to subsriptions.
+ type: dict
+ suboptions:
+ maxReceivesPerSecond:
+ description:
+ - The maximum number of deliveries per second per subscription.
+ type: int
+ required: true
+ required: false
+ defaultHealthyRetryPolicy:
+ description:
+ - Retry policy for HTTP(S) messages.
+ type: dict
+ required: true
+ suboptions:
+ minDelayTarget:
+ description:
+ - The minimum delay for a retry.
+ type: int
+ required: true
+ maxDelayTarget:
+ description:
+ - The maximum delay for a retry.
+ type: int
+ required: true
+ numRetries:
+ description:
+ - The total number of retries.
+ type: int
+ required: true
+ numMaxDelayRetries:
+ description:
+ - The number of retries with the maximum delay between them.
+ type: int
+ required: true
+ numMinDelayRetries:
+ description:
+ - The number of retries with just the minimum delay between them.
+ type: int
+ required: true
+ numNoDelayRetries:
+ description:
+ - The number of retries to be performmed immediately.
+ type: int
+ required: true
+ backoffFunction:
+ description:
+ - The function for backoff between retries.
+ type: str
+ required: true
+ choices: ['arithmetic', 'exponential', 'geometric', 'linear']
subscriptions:
description:
- List of subscriptions to apply to the topic. Note that AWS requires
@@ -225,8 +292,12 @@
except ImportError:
pass # handled by AnsibleAWSModule
-from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code
-from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies, AWSRetry, camel_dict_to_snake_dict
+from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule
+from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code
+from ansible_collections.amazon.aws.plugins.module_utils.core import scrub_none_parameters
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry
+from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict
class SnsTopicManager(object):
@@ -251,7 +322,7 @@ def __init__(self,
self.state = state
self.display_name = display_name
self.policy = policy
- self.delivery_policy = delivery_policy
+ self.delivery_policy = scrub_none_parameters(delivery_policy) if delivery_policy else None
self.subscriptions = subscriptions
self.subscriptions_existing = []
self.subscriptions_deleted = []
@@ -495,13 +566,39 @@ def get_info(self):
def main():
+
+ # We're kinda stuck with CamelCase here, it would be nice to switch to
+ # snake_case, but we'd need to purge out the alias entries
+ http_retry_args = dict(
+ minDelayTarget=dict(type='int', required=True),
+ maxDelayTarget=dict(type='int', required=True),
+ numRetries=dict(type='int', required=True),
+ numMaxDelayRetries=dict(type='int', required=True),
+ numMinDelayRetries=dict(type='int', required=True),
+ numNoDelayRetries=dict(type='int', required=True),
+ backoffFunction=dict(type='str', required=True, choices=['arithmetic', 'exponential', 'geometric', 'linear']),
+ )
+ http_delivery_args = dict(
+ defaultHealthyRetryPolicy=dict(type='dict', required=True, options=http_retry_args),
+ disableSubscriptionOverrides=dict(type='bool', required=False),
+ defaultThrottlePolicy=dict(
+ type='dict', required=False,
+ options=dict(
+ maxReceivesPerSecond=dict(type='int', required=True),
+ ),
+ ),
+ )
+ delivery_args = dict(
+ http=dict(type='dict', required=False, options=http_delivery_args),
+ )
+
argument_spec = dict(
name=dict(required=True),
topic_type=dict(type='str', default='standard', choices=['standard', 'fifo']),
state=dict(default='present', choices=['present', 'absent']),
display_name=dict(),
policy=dict(type='dict'),
- delivery_policy=dict(type='dict'),
+ delivery_policy=dict(type='dict', options=delivery_args),
subscriptions=dict(default=[], type='list', elements='dict'),
purge_subscriptions=dict(type='bool', default=True),
)
diff --git a/requirements.txt b/requirements.txt
index 0d58b96112d..3685e404330 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,8 @@
+# When updating the minimal requirements please also update
+# - tests/unit/constraints.txt
+# - tests/integration/constraints.txt
+# - tests/integration/targets/setup_botocore_pip
+botocore>=1.18.0
+boto3>=1.15.0
+# Final released version
boto>=2.49.0
-botocore>=1.16.0
-boto3>=1.13.0
diff --git a/test-requirements.txt b/test-requirements.txt
index 3d217284154..77c76b86509 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,3 +1,7 @@
+botocore
+boto3
+boto
+
coverage==4.5.4
placebo
mock
@@ -8,3 +12,5 @@ pytest-mock
netaddr
# Sometimes needed where we don't have features we need in modules
awscli
+# Used for comparing SSH Public keys to the Amazon fingerprints
+pycrypto
diff --git a/tests/config.yml b/tests/config.yml
new file mode 100644
index 00000000000..5112f726881
--- /dev/null
+++ b/tests/config.yml
@@ -0,0 +1,2 @@
+modules:
+ python_requires: '>=3.6'
diff --git a/tests/integration/constraints.txt b/tests/integration/constraints.txt
index c105f290280..bd95eb26733 100644
--- a/tests/integration/constraints.txt
+++ b/tests/integration/constraints.txt
@@ -1,3 +1,7 @@
-boto3 >= 1.9.250, <= 1.15.18 # minimum version that supports botocore 1.13.3, max that will work with ansible 2.9's other constraints
-botocore<1.19.0,>=1.13.3 # adds support for ECR image scanning
+# Specifically run tests against the oldest versions that we support
+boto3==1.15.0
+botocore==1.18.0
+# AWS CLI has `botocore==` dependencies, provide the one that matches botocore
+# to avoid needing to download over a years worth of awscli wheels.
+awscli==1.18.141
diff --git a/tests/integration/requirements.txt b/tests/integration/requirements.txt
index 2fb8f547d8a..6e870975a35 100644
--- a/tests/integration/requirements.txt
+++ b/tests/integration/requirements.txt
@@ -1,5 +1,12 @@
+# Our code is based on the AWS SDKs
+boto
+boto3
+botocore
+
# netaddr is needed for ansible.netcommon.ipv6
netaddr
virtualenv
-boto3
-botocore
+# Sometimes needed where we don't have features we need in modules
+awscli
+# Used for comparing SSH Public keys to the Amazon fingerprints
+pycrypto
diff --git a/tests/integration/targets/aws_msk_cluster/tasks/main.yml b/tests/integration/targets/aws_msk_cluster/tasks/main.yml
index 9ace1814f81..a3049dad0b4 100644
--- a/tests/integration/targets/aws_msk_cluster/tasks/main.yml
+++ b/tests/integration/targets/aws_msk_cluster/tasks/main.yml
@@ -40,60 +40,38 @@
- set_fact:
subnet_ids: '{{ subnets | community.general.json_query("results[].subnet.id") | list }}'
- - pip:
- name: virtualenv
- - set_fact:
- virtualenv: "{{ remote_tmp_dir }}/virtualenv"
- virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv"
- - set_fact:
- virtualenv_interpreter: "{{ virtualenv }}/bin/python"
- - pip:
- name:
- - 'boto3>=1.13.0'
- - 'botocore==1.17.48'
- - 'coverage<5'
- virtualenv: '{{ virtualenv }}'
- virtualenv_command: '{{ virtualenv_command }}'
- virtualenv_site_packages: no
-
# ============================================================
- - name: Wrap test in virtualenv
- vars:
- ansible_python_interpreter: "{{ virtualenv }}/bin/python"
- block:
- - name: create msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions:
- - "{{ msk_version }}"
- register: msk_config
+ - name: create msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions:
+ - "{{ msk_version }}"
+ register: msk_config
- - name: create tests
- include_tasks: test_create.yml
+ - name: create tests
+ include_tasks: test_create.yml
- - name: update tests
- include_tasks: test_update.yml
+ - name: update tests
+ include_tasks: test_update.yml
- - name: delete tests
- include_tasks: test_delete.yml
+ - name: delete tests
+ include_tasks: test_delete.yml
- always:
-
- - name: delete msk cluster
- aws_msk_cluster:
- name: "{{ msk_cluster_name }}"
- state: absent
- wait: true
- ignore_errors: yes
+ always:
- - name: remove msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: absent
- ignore_errors: yes
+ - name: delete msk cluster
+ aws_msk_cluster:
+ name: "{{ msk_cluster_name }}"
+ state: absent
+ wait: true
+ ignore_errors: yes
- always:
+ - name: remove msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: absent
+ ignore_errors: yes
- name: remove subnets
ec2_vpc_subnet:
diff --git a/tests/integration/targets/aws_msk_config/tasks/main.yml b/tests/integration/targets/aws_msk_config/tasks/main.yml
index d29631c1930..cef9e1dfc90 100644
--- a/tests/integration/targets/aws_msk_config/tasks/main.yml
+++ b/tests/integration/targets/aws_msk_config/tasks/main.yml
@@ -9,161 +9,140 @@
collections:
- amazon.aws
block:
-
- - pip:
- name: virtualenv
- - set_fact:
- virtualenv: "{{ remote_tmp_dir }}/virtualenv"
- virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv"
- - set_fact:
- virtualenv_interpreter: "{{ virtualenv }}/bin/python"
- - pip:
- name:
- - 'boto3>=1.13.0'
- - 'botocore==1.17.48'
- - 'coverage<5'
- virtualenv: '{{ virtualenv }}'
- virtualenv_command: '{{ virtualenv_command }}'
- virtualenv_site_packages: no
-
- - name: Wrap test in virtualenv
- vars:
- ansible_python_interpreter: "{{ virtualenv }}/bin/python"
- block:
- - name: create msk configuration (check mode)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[0] }}"
- check_mode: yes
- register: msk_config
-
- - name: assert that the msk configuration be created
- assert:
- that:
- - msk_config is changed
-
- - name: create msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[0] }}"
- register: msk_config
-
- - name: assert that the msk configuration is created
- assert:
- that:
- - msk_config is changed
-
- - name: create msk configuration (idempotency)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[0] }}"
- register: msk_config
-
- - name: assert that the msk configuration wasn't changed
- assert:
- that:
- - msk_config is not changed
-
- - name: validate return values
- assert:
- that:
- - msk_config.revision == 1
- - "msk_config.arn.startswith('arn:aws:kafka:{{ aws_region }}:')"
- - "'auto.create.topics.enable=True' in msk_config.server_properties"
- - "'zookeeper.session.timeout.ms=18000' in msk_config.server_properties"
-
- - name: update msk configuration (check mode)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[1] }}"
- check_mode: yes
- register: msk_config
-
- - name: assert that the msk configuration be changed
- assert:
- that:
- - msk_config is changed
-
- - name: update msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[1] }}"
- register: msk_config
-
- - name: assert that the msk configuration is changed
- assert:
- that:
- - msk_config is changed
-
- - name: validate return values (update)
- assert:
- that:
- - msk_config.revision == 2
- - "'auto.create.topics.enable=True' not in msk_config.server_properties"
- - "'num.io.threads=8' in msk_config.server_properties"
- - "'zookeeper.session.timeout.ms=36000' in msk_config.server_properties"
-
- - name: update msk configuration (idempotency)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "present"
- kafka_versions: "{{ msk_kafka_versions }}"
- config: "{{ msk_configs[1] }}"
- register: msk_config
-
- - name: assert that the msk configuration wasn't changed
- assert:
- that:
- - msk_config is not changed
-
- - name: delete msk configuration (check mode)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "absent"
- check_mode: yes
- register: msk_config
-
- - name: assert that the msk configuration be changed
- assert:
- that:
- - msk_config is changed
-
- - name: delete msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "absent"
- register: msk_config
-
- - name: assert that the msk configuration is changed
- assert:
- that:
- - msk_config is changed
-
- - name: delete msk configuration (idempotency)
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: "absent"
- register: msk_config
-
- - name: assert that the msk configuration wasn't changed
- assert:
- that:
- - msk_config is not changed
-
- always:
-
- - name: remove msk configuration
- aws_msk_config:
- name: "{{ msk_config_name }}"
- state: absent
- ignore_errors: yes
+ - name: create msk configuration (check mode)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[0] }}"
+ check_mode: yes
+ register: msk_config
+
+ - name: assert that the msk configuration be created
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: create msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[0] }}"
+ register: msk_config
+
+ - name: assert that the msk configuration is created
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: create msk configuration (idempotency)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[0] }}"
+ register: msk_config
+
+ - name: assert that the msk configuration wasn't changed
+ assert:
+ that:
+ - msk_config is not changed
+
+ - name: validate return values
+ assert:
+ that:
+ - msk_config.revision == 1
+ - "msk_config.arn.startswith('arn:aws:kafka:{{ aws_region }}:')"
+ - "'auto.create.topics.enable=True' in msk_config.server_properties"
+ - "'zookeeper.session.timeout.ms=18000' in msk_config.server_properties"
+
+ - name: update msk configuration (check mode)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[1] }}"
+ check_mode: yes
+ register: msk_config
+
+ - name: assert that the msk configuration be changed
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: update msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[1] }}"
+ register: msk_config
+
+ - name: assert that the msk configuration is changed
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: validate return values (update)
+ assert:
+ that:
+ - msk_config.revision == 2
+ - "'auto.create.topics.enable=True' not in msk_config.server_properties"
+ - "'num.io.threads=8' in msk_config.server_properties"
+ - "'zookeeper.session.timeout.ms=36000' in msk_config.server_properties"
+
+ - name: update msk configuration (idempotency)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "present"
+ kafka_versions: "{{ msk_kafka_versions }}"
+ config: "{{ msk_configs[1] }}"
+ register: msk_config
+
+ - name: assert that the msk configuration wasn't changed
+ assert:
+ that:
+ - msk_config is not changed
+
+ - name: delete msk configuration (check mode)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "absent"
+ check_mode: yes
+ register: msk_config
+
+ - name: assert that the msk configuration be changed
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: delete msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "absent"
+ register: msk_config
+
+ - name: assert that the msk configuration is changed
+ assert:
+ that:
+ - msk_config is changed
+
+ - name: delete msk configuration (idempotency)
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: "absent"
+ register: msk_config
+
+ - name: assert that the msk configuration wasn't changed
+ assert:
+ that:
+ - msk_config is not changed
+
+ always:
+
+ - name: remove msk configuration
+ aws_msk_config:
+ name: "{{ msk_config_name }}"
+ state: absent
+ ignore_errors: yes
diff --git a/tests/integration/targets/aws_s3_bucket_info/tasks/bucket_ownership_controls.yml b/tests/integration/targets/aws_s3_bucket_info/tasks/bucket_ownership_controls.yml
index 8dd14bfbd42..77c193043a9 100644
--- a/tests/integration/targets/aws_s3_bucket_info/tasks/bucket_ownership_controls.yml
+++ b/tests/integration/targets/aws_s3_bucket_info/tasks/bucket_ownership_controls.yml
@@ -10,7 +10,7 @@
virtualenv_interpreter: "{{ virtualenv }}/bin/python"
- pip:
name:
- - 'boto3>=1.13.0'
+ - 'boto3>=1.15.0'
- 'botocore==1.18.11'
- 'coverage<5'
virtualenv: '{{ virtualenv }}'
diff --git a/tests/integration/targets/dynamodb_table/aliases b/tests/integration/targets/dynamodb_table/aliases
new file mode 100644
index 00000000000..4ef4b2067d0
--- /dev/null
+++ b/tests/integration/targets/dynamodb_table/aliases
@@ -0,0 +1 @@
+cloud/aws
diff --git a/tests/integration/targets/dynamodb_table/defaults/main.yml b/tests/integration/targets/dynamodb_table/defaults/main.yml
new file mode 100644
index 00000000000..47fc4243153
--- /dev/null
+++ b/tests/integration/targets/dynamodb_table/defaults/main.yml
@@ -0,0 +1,47 @@
+---
+table_name: '{{ resource_prefix }}'
+
+table_index: 'id'
+table_index_type: 'NUMBER'
+
+range_index: 'variety'
+range_index_type: 'STRING'
+
+indexes:
+ - name: NamedIndex
+ type: global_include
+ hash_key_name: idx
+ range_key_name: create_time
+ includes:
+ - other_field
+ - other_field2
+ read_capacity: 10
+ write_capacity: 10
+ - name: AnotherIndex
+ type: global_all
+ hash_key_name: foo
+ range_key_name: bar
+ includes:
+ - another_field
+ - another_field2
+ read_capacity: 5
+ write_capacity: 5
+
+
+tags_default:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+ PascalCaseKey: PascalCaseValue
+ 'key with spaces': value with spaces
+ 'Upper With Spaces': Upper With Spaces
+
+partial_tags:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+
+updated_tags:
+ updated_snake_case_key: updated_snake_case_value
+ updatedCamelCaseKey: updatedCamelCaseValue
+ UpdatedPascalCaseKey: UpdatedPascalCaseValue
+ 'updated key with spaces': updated value with spaces
+ 'updated Upper With Spaces': Updated Upper With Spaces
diff --git a/tests/integration/targets/dynamodb_table/meta/main.yml b/tests/integration/targets/dynamodb_table/meta/main.yml
new file mode 100644
index 00000000000..07faa217762
--- /dev/null
+++ b/tests/integration/targets/dynamodb_table/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - prepare_tests
diff --git a/tests/integration/targets/dynamodb_table/tasks/main.yml b/tests/integration/targets/dynamodb_table/tasks/main.yml
new file mode 100644
index 00000000000..938351f5625
--- /dev/null
+++ b/tests/integration/targets/dynamodb_table/tasks/main.yml
@@ -0,0 +1,733 @@
+---
+# dynamodb_table integration tests
+#
+# Current module limitations:
+# - changed very flakey
+# - various parameters have defaults set so reset undefined value
+#
+- module_defaults:
+ group/aws:
+ aws_access_key: '{{ aws_access_key }}'
+ aws_secret_key: '{{ aws_secret_key }}'
+ security_token: '{{ security_token | default(omit) }}'
+ region: '{{ aws_region }}'
+ block:
+
+ # ==============================================
+
+ - name: Create table - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ hash_key_name: '{{ table_index }}'
+ hash_key_type: '{{ table_index_type }}'
+ register: create_table
+ check_mode: True
+
+ - name: Check results - Create table - check_mode
+ assert:
+ that:
+ - create_table is successful
+ - create_table is changed
+ - '"hash_key_name" in create_table'
+
+ - name: Create table
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ hash_key_name: '{{ table_index }}'
+ hash_key_type: '{{ table_index_type }}'
+ register: create_table
+
+ - name: Check results - Create table
+ assert:
+ that:
+ - create_table is successful
+ - create_table is changed
+ - '"hash_key_name" in create_table'
+ - '"hash_key_type" in create_table'
+ - '"indexes" in create_table'
+ - '"range_key_name" in create_table'
+ - '"range_key_type" in create_table'
+ - '"read_capacity" in create_table'
+ - '"region" in create_table'
+ - '"table_name" in create_table'
+ - '"table_status" in create_table'
+ - '"write_capacity" in create_table'
+ - create_table.hash_key_name == table_index
+ - create_table.hash_key_type == table_index_type
+ - create_table.indexes | length == 0
+ - create_table.range_key_name is none
+ - create_table.range_key_type == "STRING"
+ - create_table.read_capacity == 1
+ - create_table.table_name == table_name
+ - create_table.write_capacity == 1
+
+ - name: Create table - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ hash_key_name: '{{ table_index }}'
+ hash_key_type: '{{ table_index_type }}'
+ register: create_table
+ check_mode: True
+
+ - name: Check results - Create table - idempotent - check_mode
+ assert:
+ that:
+ - create_table is successful
+ - create_table is not changed
+
+ - name: Create table - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ hash_key_name: '{{ table_index }}'
+ hash_key_type: '{{ table_index_type }}'
+ register: create_table
+
+ - name: Check results - Create table - idempotent
+ assert:
+ that:
+ - create_table is successful
+ - create_table is not changed
+ - '"hash_key_name" in create_table'
+ - '"hash_key_type" in create_table'
+ - '"indexes" in create_table'
+ - '"range_key_name" in create_table'
+ - '"range_key_type" in create_table'
+ - '"read_capacity" in create_table'
+ - '"region" in create_table'
+ - '"table_name" in create_table'
+ - '"table_status" in create_table'
+ - '"write_capacity" in create_table'
+ - create_table.hash_key_name == table_index
+ - create_table.hash_key_type == table_index_type
+ - create_table.indexes | length == 0
+ - create_table.range_key_name is none
+ - create_table.range_key_type == "STRING"
+ - create_table.read_capacity == 1
+ - create_table.table_name == table_name
+ - create_table.write_capacity == 1
+
+ # ==============================================
+
+ - name: Tag table - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ tags: '{{ tags_default }}'
+ register: tag_table
+ check_mode: True
+
+ - name: Check results - Tag table - check_mode
+ assert:
+ that:
+ - tag_table is successful
+ # XXX bug updating (just) tags doesn't return 'changed'
+ # - tag_table is changed
+
+ - name: Tag table
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ tags: '{{ tags_default }}'
+ register: tag_table
+
+ - name: Check results - Tag table
+ assert:
+ that:
+ - tag_table is successful
+ # XXX bug updating (just) tags doesn't return 'changed'
+ # - tag_table is changed
+ - '"hash_key_name" in tag_table'
+ - '"hash_key_type" in tag_table'
+ - '"indexes" in tag_table'
+ - '"range_key_name" in tag_table'
+ - '"range_key_type" in tag_table'
+ - '"read_capacity" in tag_table'
+ - '"region" in tag_table'
+ - '"table_name" in tag_table'
+ - '"table_status" in tag_table'
+ - '"write_capacity" in tag_table'
+ # XXX Bug - returns none when not actively set
+ # - tag_table.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ #- tag_table.hash_key_type == table_index_type
+ - tag_table.indexes | length == 0
+ - tag_table.range_key_name is none
+ - tag_table.range_key_type == "STRING"
+ - tag_table.read_capacity == 1
+ - tag_table.table_name == table_name
+ - tag_table.write_capacity == 1
+ - tag_table.tags == tags_default
+
+ - name: Tag table - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ tags: '{{ tags_default }}'
+ register: tag_table
+ check_mode: True
+
+ - name: Check results - Tag table - idempotent - check_mode
+ assert:
+ that:
+ - tag_table is successful
+ - tag_table is not changed
+
+ - name: Tag table - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ tags: '{{ tags_default }}'
+ register: tag_table
+
+ - name: Check results - Tag table - idempotent
+ assert:
+ that:
+ - tag_table is successful
+ - tag_table is not changed
+ - '"hash_key_name" in tag_table'
+ - '"hash_key_type" in tag_table'
+ - '"indexes" in tag_table'
+ - '"range_key_name" in tag_table'
+ - '"range_key_type" in tag_table'
+ - '"read_capacity" in tag_table'
+ - '"region" in tag_table'
+ - '"table_name" in tag_table'
+ - '"table_status" in tag_table'
+ - '"write_capacity" in tag_table'
+ # XXX Bug - returns none when not actively set
+ # - tag_table.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - tag_table.hash_key_type == table_index_type
+ - tag_table.indexes | length == 0
+ - tag_table.range_key_name is none
+ - tag_table.range_key_type == "STRING"
+ - tag_table.read_capacity == 1
+ - tag_table.table_name == table_name
+ - tag_table.write_capacity == 1
+ - tag_table.tags == tags_default
+
+ # ==============================================
+
+ - name: Update table read capacity - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ read_capacity: 3
+ register: update_read
+ check_mode: True
+
+ - name: Check results - Update table read capacity - check_mode
+ assert:
+ that:
+ - update_read is successful
+ - update_read is changed
+
+ - name: Update table read capacity
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ read_capacity: 3
+ register: update_read
+
+ - name: Check results - Update table read capacity
+ assert:
+ that:
+ - update_read is successful
+ - update_read is changed
+ - '"hash_key_name" in update_read'
+ - '"hash_key_type" in update_read'
+ - '"indexes" in update_read'
+ - '"range_key_name" in update_read'
+ - '"range_key_type" in update_read'
+ - '"read_capacity" in update_read'
+ - '"region" in update_read'
+ - '"table_name" in update_read'
+ - '"table_status" in update_read'
+ - '"write_capacity" in update_read'
+ # XXX Bug - returns none when not actively set
+ # - update_read.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_read.hash_key_type == table_index_type
+ - update_read.indexes | length == 0
+ - update_read.range_key_name is none
+ - update_read.range_key_type == "STRING"
+ - update_read.read_capacity == 3
+ - update_read.table_name == table_name
+ - update_read.write_capacity == 1
+ # Tags are only returned when tagging
+ # - update_read.tags == tags_default
+
+ - name: Update table read capacity - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ read_capacity: 3
+ register: update_read
+ check_mode: True
+
+ - name: Check results - Update table read capacity - idempotent - check_mode
+ assert:
+ that:
+ - update_read is successful
+ # XXX Bug - returns changed
+ # - update_read is not changed
+
+ - name: Update table read capacity - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ read_capacity: 3
+ register: update_read
+ # Can result in ResourceInUseException - change in flight
+ until: update_read is successful
+ retries: 15
+ delay: 10
+
+ - name: Check results - Update table read capacity - idempotent
+ assert:
+ that:
+ - update_read is successful
+ - update_read is not changed
+ - '"hash_key_name" in update_read'
+ - '"hash_key_type" in update_read'
+ - '"indexes" in update_read'
+ - '"range_key_name" in update_read'
+ - '"range_key_type" in update_read'
+ - '"read_capacity" in update_read'
+ - '"region" in update_read'
+ - '"table_name" in update_read'
+ - '"table_status" in update_read'
+ - '"write_capacity" in update_read'
+ # XXX Bug - returns none when not actively set
+ # - update_read.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_read.hash_key_type == table_index_type
+ - update_read.indexes | length == 0
+ - update_read.range_key_name is none
+ - update_read.range_key_type == "STRING"
+ - update_read.read_capacity == 3
+ - update_read.table_name == table_name
+ - update_read.write_capacity == 1
+ # Tags are only returned when tagging
+ # - update_read.tags == tags_default
+
+ # ==============================================
+
+ - name: Update table write capacity - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ write_capacity: 3
+ register: update_write
+ check_mode: True
+
+ - name: Check results - Update table write capacity - check_mode
+ assert:
+ that:
+ - update_write is successful
+ - update_write is changed
+
+ - name: Update table write capacity
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ write_capacity: 3
+ register: update_write
+
+ - name: Check results - Update table write capacity
+ assert:
+ that:
+ - update_write is successful
+ - update_write is changed
+ - '"hash_key_name" in update_write'
+ - '"hash_key_type" in update_write'
+ - '"indexes" in update_write'
+ - '"range_key_name" in update_write'
+ - '"range_key_type" in update_write'
+ - '"read_capacity" in update_write'
+ - '"region" in update_write'
+ - '"table_name" in update_write'
+ - '"table_status" in update_write'
+ - '"write_capacity" in update_write'
+ # XXX Bug - returns none when not actively set
+ # - update_write.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_write.hash_key_type == table_index_type
+ - update_write.indexes | length == 0
+ - update_write.range_key_name is none
+ - update_write.range_key_type == "STRING"
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_write.read_capacity == 3
+ - update_write.table_name == table_name
+ - update_write.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_write.tags == tags_default
+
+ - name: Update table write capacity - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ write_capacity: 3
+ register: update_write
+ check_mode: True
+
+ - name: Check results - Update table write capacity - idempotent - check_mode
+ assert:
+ that:
+ - update_write is successful
+ # XXX Bug - returns changed
+ # - update_write is not changed
+
+ - name: Update table write capacity - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ write_capacity: 3
+ register: update_write
+ # Can result in ResourceInUseException - change in flight
+ until: update_write is successful
+ retries: 15
+ delay: 10
+
+ - name: Check results - Update table write capacity - idempotent
+ assert:
+ that:
+ - update_write is successful
+ # XXX Bug - returns changed
+ # - update_write is not changed
+ - '"hash_key_name" in update_write'
+ - '"hash_key_type" in update_write'
+ - '"indexes" in update_write'
+ - '"range_key_name" in update_write'
+ - '"range_key_type" in update_write'
+ - '"read_capacity" in update_write'
+ - '"region" in update_write'
+ - '"table_name" in update_write'
+ - '"table_status" in update_write'
+ - '"write_capacity" in update_write'
+ # XXX Bug - returns none when not actively set
+ # - update_write.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_write.hash_key_type == table_index_type
+ - update_write.indexes | length == 0
+ - update_write.range_key_name is none
+ - update_write.range_key_type == "STRING"
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_write.read_capacity == 3
+ - update_write.table_name == table_name
+ - update_write.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_write.tags == tags_default
+
+ # ==============================================
+
+ - name: Update table add range index - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ range_key_name: '{{ range_index }}'
+ range_key_type: '{{ range_index_type }}'
+ register: update_range_index
+ check_mode: True
+
+ - name: Check results - Update table add range index - check_mode
+ assert:
+ that:
+ - update_range_index is successful
+ - update_range_index is changed
+
+ - name: Update table write capacity
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ range_key_name: '{{ range_index }}'
+ range_key_type: '{{ range_index_type }}'
+ register: update_range_index
+
+ - name: Check results - Update table add range index
+ assert:
+ that:
+ - update_range_index is successful
+ - update_range_index is changed
+ - '"hash_key_name" in update_range_index'
+ - '"hash_key_type" in update_range_index'
+ - '"indexes" in update_range_index'
+ - '"range_key_name" in update_range_index'
+ - '"range_key_type" in update_range_index'
+ - '"read_capacity" in update_range_index'
+ - '"region" in update_range_index'
+ - '"table_name" in update_range_index'
+ - '"table_status" in update_range_index'
+ - '"write_capacity" in update_range_index'
+ # XXX Bug - returns none when not actively set
+ # - update_range_index.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_range_index.hash_key_type == table_index_type
+ - update_range_index.indexes | length == 0
+ - update_range_index.range_key_name == range_index
+ - update_range_index.range_key_type == range_index_type
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_range_index.read_capacity == 3
+ - update_range_index.table_name == table_name
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_range_index.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_range_index.tags == tags_default
+
+ - name: Update table add range index - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ range_key_name: '{{ range_index }}'
+ range_key_type: '{{ range_index_type }}'
+ register: update_range_index
+ check_mode: True
+
+ - name: Check results - Update table add range index - idempotent - check_mode
+ assert:
+ that:
+ - update_range_index is successful
+ # XXX Bug - returns changed
+ # - update_range_index is not changed
+
+ - name: Update table add range index - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ range_key_name: '{{ range_index }}'
+ range_key_type: '{{ range_index_type }}'
+ register: update_range_index
+ # Can result in ResourceInUseException - change in flight
+ until: update_range_index is successful
+ retries: 15
+ delay: 10
+
+ - name: Check results - Update table add range index - idempotent
+ assert:
+ that:
+ - update_range_index is successful
+ # XXX Bug - returns changed
+ # - update_range_index is not changed
+ - '"hash_key_name" in update_range_index'
+ - '"hash_key_type" in update_range_index'
+ - '"indexes" in update_range_index'
+ - '"range_key_name" in update_range_index'
+ - '"range_key_type" in update_range_index'
+ - '"read_capacity" in update_range_index'
+ - '"region" in update_range_index'
+ - '"table_name" in update_range_index'
+ - '"table_status" in update_range_index'
+ - '"write_capacity" in update_range_index'
+ # XXX Bug - returns none when not actively set
+ # - update_range_index.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_range_index.hash_key_type == table_index_type
+ - update_range_index.indexes | length == 0
+ - update_range_index.range_key_name == range_index
+ - update_range_index.range_key_type == range_index_type
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_range_index.read_capacity == 3
+ - update_range_index.table_name == table_name
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_range_index.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_range_index.tags == tags_default
+
+ # ==============================================
+
+ - name: Update table add indexes - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ indexes: '{{ indexes }}'
+ register: update_indexes
+ check_mode: True
+
+ - name: Check results - Update table add indexes - check_mode
+ assert:
+ that:
+ - update_indexes is successful
+ - update_indexes is changed
+
+ - name: Update table add indexes
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ indexes: '{{ indexes }}'
+ register: update_indexes
+ # Can result in LimitExceededException - change in flight
+ until: update_indexes is successful
+ retries: 45
+ delay: 10
+
+ - name: Check results - Update table add indexes
+ assert:
+ that:
+ - update_indexes is successful
+ - update_indexes is changed
+ - '"hash_key_name" in update_indexes'
+ - '"hash_key_type" in update_indexes'
+ - '"indexes" in update_indexes'
+ - '"range_key_name" in update_indexes'
+ - '"range_key_type" in update_indexes'
+ - '"read_capacity" in update_indexes'
+ - '"region" in update_indexes'
+ - '"table_name" in update_indexes'
+ - '"table_status" in update_indexes'
+ - '"write_capacity" in update_indexes'
+ # XXX Bug - returns none when not actively set
+ # - update_indexes.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_indexes.hash_key_type == table_index_type
+ - update_indexes.indexes | length == 2
+ # XXX Bug - returns none when not actively set
+ # - update_indexes.range_key_name == range_index
+ # XXX Bug - returns string when not actively set
+ # - update_indexes.range_key_type == range_index_type
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_indexes.read_capacity == 3
+ - update_indexes.table_name == table_name
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_indexes.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_indexes.tags == tags_default
+
+ - name: Update table add indexes - idempotent - check_mode
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ indexes: '{{ indexes }}'
+ register: update_indexes
+ check_mode: True
+
+ - name: Check results - Update table add indexes - idempotent - check_mode
+ assert:
+ that:
+ - update_indexes is successful
+ # XXX Bug - returns changed
+ # - update_indexes is not changed
+
+ - name: Update table add indexes - idempotent
+ dynamodb_table:
+ state: present
+ name: '{{ table_name }}'
+ indexes: '{{ indexes }}'
+ register: update_indexes
+ # Can result in LimitExceededException - change in flight
+ until: update_indexes is successful
+ retries: 45
+ delay: 10
+
+ - name: Check results - Update table add indexes - idempotent
+ assert:
+ that:
+ - update_indexes is successful
+ # XXX Bug - returns changed
+ # - update_indexes is not changed
+ - '"hash_key_name" in update_indexes'
+ - '"hash_key_type" in update_indexes'
+ - '"indexes" in update_indexes'
+ - '"range_key_name" in update_indexes'
+ - '"range_key_type" in update_indexes'
+ - '"read_capacity" in update_indexes'
+ - '"region" in update_indexes'
+ - '"table_name" in update_indexes'
+ - '"table_status" in update_indexes'
+ - '"write_capacity" in update_indexes'
+ # XXX Bug - returns none when not actively set
+ # - update_indexes.hash_key_name == table_index
+ # XXX Bug - returns string when not actively set
+ # - update_indexes.hash_key_type == table_index_type
+ - update_indexes.indexes | length == 2
+ # XXX Bug - returns none when not actively set
+ # - update_indexes.range_key_name == range_index
+ # XXX Bug - returns string when not actively set
+ # - update_indexes.range_key_type == range_index_type
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_indexes.read_capacity == 3
+ - update_indexes.table_name == table_name
+ # XXX Bug - gets reset to 1 because a default was set
+ # - update_indexes.write_capacity == 3
+ # Tags are only returned when tagging
+ # - update_indexes.tags == tags_default
+
+ # ==============================================
+
+ - name: Delete table - check_mode
+ dynamodb_table:
+ state: absent
+ name: '{{ table_name }}'
+ register: delete_table
+ check_mode: True
+
+ - name: Check results - Delete table - check_mode
+ assert:
+ that:
+ - delete_table is successful
+ - delete_table is changed
+
+ - name: Delete table
+ dynamodb_table:
+ state: absent
+ name: '{{ table_name }}'
+ register: delete_table
+ # Updates don't support waiting yet, so retry until successful
+ until: delete_table is successful
+ retries: 45
+ delay: 10
+
+ - name: Check results - Delete table
+ assert:
+ that:
+ - delete_table is successful
+ - delete_table is changed
+
+ - name: Delete table - idempotent - check_mode
+ dynamodb_table:
+ state: absent
+ name: '{{ table_name }}'
+ register: delete_table
+ check_mode: True
+
+ - name: Check results - Delete table - idempotent - check_mode
+ assert:
+ that:
+ - delete_table is successful
+ # XXX bug - returns changed
+ # - delete_table is not changed
+
+ - name: Delete table - idempotent
+ dynamodb_table:
+ state: absent
+ name: '{{ table_name }}'
+ register: delete_table
+ # Deletion doesn't support waiting yet, so retry until successful
+ until: delete_table is successful
+ retries: 45
+ delay: 10
+
+ - name: Check results - Delete table - idempotent
+ assert:
+ that:
+ - delete_table is successful
+ - delete_table is not changed
+
+ always:
+
+ ################################################
+ # TEARDOWN STARTS HERE
+ ################################################
+
+ - name: Clean up table
+ dynamodb_table:
+ state: absent
+ name: '{{ table_name }}'
+ register: delete_table
+ # Can result in LimitExceededException or ResourceInUseException - changes in flight
+ until: delete_table is successful
+ retries: 40
+ delay: 10
diff --git a/tests/integration/targets/ec2_eip/tasks/main.yml b/tests/integration/targets/ec2_eip/tasks/main.yml
index 83093572697..9f03f5b5647 100644
--- a/tests/integration/targets/ec2_eip/tasks/main.yml
+++ b/tests/integration/targets/ec2_eip/tasks/main.yml
@@ -662,6 +662,25 @@
state: absent
name: '{{ resource_prefix }}-vpc'
cidr_block: '{{ vpc_cidr }}'
+
+ - name: Create an EIP outside a VPC
+ ec2_eip:
+ state: present
+ in_vpc: '{{ omit }}'
+ register: unbound_eip
+ - assert:
+ that:
+ - unbound_eip is successful
+ - unbound_eip is changed
+ - name: Release EIP
+ ec2_eip:
+ state: absent
+ public_ip: '{{ unbound_eip.public_ip }}'
+ register: release_unbound_eip
+ - assert:
+ that:
+ - release_unbound_eip is successful
+ - release_unbound_eip is changed
# =====================================================
always:
- name: Cleanup instance (by id)
@@ -735,6 +754,12 @@
public_ip: '{{ no_tagged_eip.public_ip }}'
when: no_tagged_eip is changed
ignore_errors: true
+ - name: Cleanup unbound_eip
+ ec2_eip:
+ state: absent
+ public_ip: '{{ unbound_eip.public_ip }}'
+ when: unbound_eip is changed
+ ignore_errors: true
- name: Cleanup VPC
ec2_vpc_net:
state: absent
diff --git a/tests/integration/targets/elasticache/aliases b/tests/integration/targets/elasticache/aliases
index 88ef7754817..5ee1d22add8 100644
--- a/tests/integration/targets/elasticache/aliases
+++ b/tests/integration/targets/elasticache/aliases
@@ -3,5 +3,3 @@
unstable
cloud/aws
-
-elasticache_subnet_group
diff --git a/tests/integration/targets/elasticache_subnet_group/aliases b/tests/integration/targets/elasticache_subnet_group/aliases
new file mode 100644
index 00000000000..4ef4b2067d0
--- /dev/null
+++ b/tests/integration/targets/elasticache_subnet_group/aliases
@@ -0,0 +1 @@
+cloud/aws
diff --git a/tests/integration/targets/elasticache_subnet_group/defaults/main.yml b/tests/integration/targets/elasticache_subnet_group/defaults/main.yml
new file mode 100644
index 00000000000..ea8921880a9
--- /dev/null
+++ b/tests/integration/targets/elasticache_subnet_group/defaults/main.yml
@@ -0,0 +1,42 @@
+---
+availability_zone: '{{ ec2_availability_zone_names[0] }}'
+
+vpc_name: '{{ resource_prefix }}'
+subnet_name_a: '{{ resource_prefix }}-a'
+subnet_name_b: '{{ resource_prefix }}-b'
+subnet_name_c: '{{ resource_prefix }}-c'
+subnet_name_d: '{{ resource_prefix }}-d'
+
+vpc_cidr: '10.{{ 256 | random(seed=resource_prefix) }}.0.0/16'
+subnet_cidr_a: '10.{{ 256 | random(seed=resource_prefix) }}.1.0/24'
+subnet_cidr_b: '10.{{ 256 | random(seed=resource_prefix) }}.2.0/24'
+subnet_cidr_c: '10.{{ 256 | random(seed=resource_prefix) }}.3.0/24'
+subnet_cidr_d: '10.{{ 256 | random(seed=resource_prefix) }}.4.0/24'
+
+subnet_zone_a: '{{ ec2_availability_zone_names[0] }}'
+subnet_zone_b: '{{ ec2_availability_zone_names[1] }}'
+subnet_zone_c: '{{ ec2_availability_zone_names[0] }}'
+subnet_zone_d: '{{ ec2_availability_zone_names[1] }}'
+
+group_name: '{{ resource_prefix }}'
+description_default: 'Subnet Description'
+description_updated: 'updated subnet description'
+
+# Tagging not currently supported, planned with boto3 upgrade
+tags_default:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+ PascalCaseKey: PascalCaseValue
+ 'key with spaces': value with spaces
+ 'Upper With Spaces': Upper With Spaces
+
+partial_tags:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+
+updated_tags:
+ updated_snake_case_key: updated_snake_case_value
+ updatedCamelCaseKey: updatedCamelCaseValue
+ UpdatedPascalCaseKey: UpdatedPascalCaseValue
+ 'updated key with spaces': updated value with spaces
+ 'updated Upper With Spaces': Updated Upper With Spaces
diff --git a/tests/integration/targets/elasticache_subnet_group/meta/main.yml b/tests/integration/targets/elasticache_subnet_group/meta/main.yml
new file mode 100644
index 00000000000..930e8622824
--- /dev/null
+++ b/tests/integration/targets/elasticache_subnet_group/meta/main.yml
@@ -0,0 +1,3 @@
+dependencies:
+ - prepare_tests
+ - setup_ec2_facts
diff --git a/tests/integration/targets/elasticache_subnet_group/tasks/main.yml b/tests/integration/targets/elasticache_subnet_group/tasks/main.yml
new file mode 100644
index 00000000000..5814f9dc90d
--- /dev/null
+++ b/tests/integration/targets/elasticache_subnet_group/tasks/main.yml
@@ -0,0 +1,681 @@
+---
+# elasticache_subnet_group integration tests
+#
+# Current module limitations:
+# - check_mode not supported
+# - Tagging not supported
+# - Returned values *very* limited (almost none)
+#
+- module_defaults:
+ group/aws:
+ aws_access_key: '{{ aws_access_key }}'
+ aws_secret_key: '{{ aws_secret_key }}'
+ security_token: '{{ security_token | default(omit) }}'
+ region: '{{ aws_region }}'
+ block:
+
+ # ============================================================
+
+ - name: Create Subnet Group with no subnets - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ check_mode: True
+ register: create_group
+ ignore_errors: True
+
+ - name: Check result - Create Subnet Group with no subnets - check_mode
+ assert:
+ that:
+ - create_group is failed
+ # Check we caught the issue before trying to create
+ - '"CreateCacheSubnetGroup" not in create_group.resource_actions'
+ # Check that we don't refer to the boto3 parameter
+ - '"SubnetIds" not in create_group.msg'
+ # Loosely check the message
+ - '"subnet" in create_group.msg'
+ - '"At least" in create_group.msg'
+
+ - name: Create Subnet Group with no subnets
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ register: create_group
+ ignore_errors: True
+
+ - name: Check result - Create Subnet Group with no subnets
+ assert:
+ that:
+ - create_group is failed
+ # Check we caught the issue before trying to create
+ - '"CreateCacheSubnetGroup" not in create_group.resource_actions'
+ # Check that we don't refer to the boto3 parameter
+ - '"SubnetIds" not in create_group.msg'
+ # Loosely check the message
+ - '"subnet" in create_group.msg'
+ - '"At least" in create_group.msg'
+
+ # ============================================================
+ # Setup infra needed for tests
+ - name: create a VPC
+ ec2_vpc_net:
+ state: present
+ name: '{{ vpc_name }}'
+ cidr_block: '{{ vpc_cidr }}'
+ tags:
+ TestPrefix: '{{ resource_prefix }}'
+ register: vpc_result
+
+ - name: create subnets
+ ec2_vpc_subnet:
+ state: present
+ cidr: '{{ item.cidr }}'
+ az: '{{ item.zone }}'
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ tags:
+ Name: '{{ item.name }}'
+ TestPrefix: '{{ resource_prefix }}'
+ register: vpc_subnet_create
+ loop:
+ - name: '{{ subnet_name_a }}'
+ cidr: '{{ subnet_cidr_a }}'
+ zone: '{{ subnet_zone_a }}'
+ - name: '{{ subnet_name_b }}'
+ cidr: '{{ subnet_cidr_b }}'
+ zone: '{{ subnet_zone_b }}'
+ - name: '{{ subnet_name_c }}'
+ cidr: '{{ subnet_cidr_c }}'
+ zone: '{{ subnet_zone_c }}'
+ - name: '{{ subnet_name_d }}'
+ cidr: '{{ subnet_cidr_d }}'
+ zone: '{{ subnet_zone_d }}'
+
+ - name: Store IDs of subnets and VPC
+ set_fact:
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ subnet_id_a: '{{ vpc_subnet_create.results[0].subnet.id }}'
+ subnet_id_b: '{{ vpc_subnet_create.results[1].subnet.id }}'
+ subnet_id_c: '{{ vpc_subnet_create.results[2].subnet.id }}'
+ subnet_id_d: '{{ vpc_subnet_create.results[3].subnet.id }}'
+
+ # ============================================================
+
+ - name: Create Subnet Group - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_default }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ check_mode: True
+ register: create_group
+
+ - name: Check result - Create Subnet Group - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+
+ - name: Create Subnet Group
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_default }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+
+ - name: Check result - Create Subnet Group
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+ - '"cache_subnet_group" in create_group'
+ - '"arn" in create_group.cache_subnet_group'
+ - '"description" in create_group.cache_subnet_group'
+ - '"name" in create_group.cache_subnet_group'
+ - '"subnet_ids" in create_group.cache_subnet_group'
+ - '"vpc_id" in create_group.cache_subnet_group'
+ - create_group.cache_subnet_group.description == description_default
+ - create_group.cache_subnet_group.name == group_name
+ - subnet_id_a in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_b in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cache_subnet_group.subnet_ids
+ - create_group.cache_subnet_group.vpc_id == vpc_id
+ - create_group.cache_subnet_group.arn.startswith('arn:')
+ - create_group.cache_subnet_group.arn.endswith(group_name)
+
+ - name: Create Subnet Group - idempotency - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_default }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ check_mode: True
+ register: create_group
+
+ - name: Check result - Create Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+
+ - name: Create Subnet Group - idempotency
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_default }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+
+ - name: Check result - Create Subnet Group - idempotency
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+ - '"cache_subnet_group" in create_group'
+ - '"arn" in create_group.cache_subnet_group'
+ - '"description" in create_group.cache_subnet_group'
+ - '"name" in create_group.cache_subnet_group'
+ - '"subnet_ids" in create_group.cache_subnet_group'
+ - '"vpc_id" in create_group.cache_subnet_group'
+ - create_group.cache_subnet_group.description == description_default
+ - create_group.cache_subnet_group.name == group_name
+ - subnet_id_a in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_b in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cache_subnet_group.subnet_ids
+ - create_group.cache_subnet_group.vpc_id == vpc_id
+ - create_group.cache_subnet_group.arn.startswith('arn:')
+ - create_group.cache_subnet_group.arn.endswith(group_name)
+
+ # ============================================================
+
+ - name: Update Subnet Group Description - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ ## No longer mandatory
+ # subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ check_mode: True
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description - check_mode
+ assert:
+ that:
+ - update_description is successful
+ - update_description is changed
+
+ - name: Update Subnet Group Description
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ ## No longer mandatory
+ # subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description
+ assert:
+ that:
+ - update_description is successful
+ - update_description is changed
+ - '"cache_subnet_group" in update_description'
+ - '"arn" in update_description.cache_subnet_group'
+ - '"description" in update_description.cache_subnet_group'
+ - '"name" in update_description.cache_subnet_group'
+ - '"subnet_ids" in update_description.cache_subnet_group'
+ - '"vpc_id" in update_description.cache_subnet_group'
+ - update_description.cache_subnet_group.description == description_updated
+ - update_description.cache_subnet_group.name == group_name
+ - subnet_id_a in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_b in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_c not in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_d not in update_description.cache_subnet_group.subnet_ids
+ - update_description.cache_subnet_group.vpc_id == vpc_id
+ - update_description.cache_subnet_group.arn.startswith('arn:')
+ - update_description.cache_subnet_group.arn.endswith(group_name)
+
+ - name: Update Subnet Group Description - idempotency - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ ## No longer mandatory
+ # subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ check_mode: True
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description - idempotency - check_mode
+ assert:
+ that:
+ - update_description is successful
+ - update_description is not changed
+
+ - name: Update Subnet Group Description - idempotency
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ ## No longer mandatory
+ # subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description - idempotency
+ assert:
+ that:
+ - update_description is successful
+ - update_description is not changed
+ - '"cache_subnet_group" in update_description'
+ - '"arn" in update_description.cache_subnet_group'
+ - '"description" in update_description.cache_subnet_group'
+ - '"name" in update_description.cache_subnet_group'
+ - '"subnet_ids" in update_description.cache_subnet_group'
+ - '"vpc_id" in update_description.cache_subnet_group'
+ - update_description.cache_subnet_group.description == description_updated
+ - update_description.cache_subnet_group.name == group_name
+ - subnet_id_a in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_b in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_c not in update_description.cache_subnet_group.subnet_ids
+ - subnet_id_d not in update_description.cache_subnet_group.subnet_ids
+ - update_description.cache_subnet_group.vpc_id == vpc_id
+ - update_description.cache_subnet_group.arn.startswith('arn:')
+ - update_description.cache_subnet_group.arn.endswith(group_name)
+
+ # ============================================================
+
+ - name: Update Subnet Group subnets - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ ## No longer mandatory
+ # description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ check_mode: True
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets - check_mode
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is changed
+
+ - name: Update Subnet Group subnets
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ ## No longer mandatory
+ # description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is changed
+ - '"cache_subnet_group" in update_subnets'
+ - '"arn" in update_subnets.cache_subnet_group'
+ - '"description" in update_subnets.cache_subnet_group'
+ - '"name" in update_subnets.cache_subnet_group'
+ - '"subnet_ids" in update_subnets.cache_subnet_group'
+ - '"vpc_id" in update_subnets.cache_subnet_group'
+ - update_subnets.cache_subnet_group.description == description_updated
+ - update_subnets.cache_subnet_group.name == group_name
+ - subnet_id_a not in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_b not in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_c in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_d in update_subnets.cache_subnet_group.subnet_ids
+ - update_subnets.cache_subnet_group.vpc_id == vpc_id
+ - update_subnets.cache_subnet_group.arn.startswith('arn:')
+ - update_subnets.cache_subnet_group.arn.endswith(group_name)
+
+ - name: Update Subnet Group subnets - idempotency - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ ## No longer mandatory
+ # description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ check_mode: True
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets - idempotency - check_mode
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is not changed
+
+ - name: Update Subnet Group subnets - idempotency
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ ## No longer mandatory
+ # description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets - idempotency
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is not changed
+ - '"cache_subnet_group" in update_subnets'
+ - '"arn" in update_subnets.cache_subnet_group'
+ - '"description" in update_subnets.cache_subnet_group'
+ - '"name" in update_subnets.cache_subnet_group'
+ - '"subnet_ids" in update_subnets.cache_subnet_group'
+ - '"vpc_id" in update_subnets.cache_subnet_group'
+ - update_subnets.cache_subnet_group.description == description_updated
+ - update_subnets.cache_subnet_group.name == group_name
+ - subnet_id_a not in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_b not in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_c in update_subnets.cache_subnet_group.subnet_ids
+ - subnet_id_d in update_subnets.cache_subnet_group.subnet_ids
+ - update_subnets.cache_subnet_group.vpc_id == vpc_id
+ - update_subnets.cache_subnet_group.arn.startswith('arn:')
+ - update_subnets.cache_subnet_group.arn.endswith(group_name)
+
+ # ============================================================
+
+ - name: Delete Subnet Group - check_mode
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ check_mode: True
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group - check_mode
+ assert:
+ that:
+ - delete_group is changed
+
+ - name: Delete Subnet Group
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group
+ assert:
+ that:
+ - delete_group is changed
+
+ - name: Delete Subnet Group - idempotency - check_mode
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ check_mode: True
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - delete_group is not changed
+
+ - name: Delete Subnet Group - idempotency
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group - idempotency
+ assert:
+ that:
+ - delete_group is not changed
+
+ # ============================================================
+
+ - name: Create minimal Subnet Group - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ check_mode: True
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+
+ - name: Create minimal Subnet Group
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+ - '"cache_subnet_group" in create_group'
+ - '"arn" in create_group.cache_subnet_group'
+ - '"description" in create_group.cache_subnet_group'
+ - '"name" in create_group.cache_subnet_group'
+ - '"subnet_ids" in create_group.cache_subnet_group'
+ - '"vpc_id" in create_group.cache_subnet_group'
+ - create_group.cache_subnet_group.description == group_name
+ - create_group.cache_subnet_group.name == group_name
+ - subnet_id_a in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_b not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cache_subnet_group.subnet_ids
+ - create_group.cache_subnet_group.vpc_id == vpc_id
+ - create_group.cache_subnet_group.arn.startswith('arn:')
+ - create_group.cache_subnet_group.arn.endswith(group_name)
+
+ - name: Create minimal Subnet Group - idempotency - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ check_mode: True
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+
+ - name: Create minimal Subnet Group - idempotency
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group - idempotency
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+ - '"cache_subnet_group" in create_group'
+ - '"arn" in create_group.cache_subnet_group'
+ - '"description" in create_group.cache_subnet_group'
+ - '"name" in create_group.cache_subnet_group'
+ - '"subnet_ids" in create_group.cache_subnet_group'
+ - '"vpc_id" in create_group.cache_subnet_group'
+ - create_group.cache_subnet_group.description == group_name
+ - create_group.cache_subnet_group.name == group_name
+ - subnet_id_a in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_b not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cache_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cache_subnet_group.subnet_ids
+ - create_group.cache_subnet_group.vpc_id == vpc_id
+ - create_group.cache_subnet_group.arn.startswith('arn:')
+ - create_group.cache_subnet_group.arn.endswith(group_name)
+
+ # ============================================================
+
+ - name: Full Update Subnet Group - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ check_mode: True
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group - check_mode
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is changed
+
+ - name: Update Subnet Group
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is changed
+ - '"cache_subnet_group" in update_complex'
+ - '"arn" in update_complex.cache_subnet_group'
+ - '"description" in update_complex.cache_subnet_group'
+ - '"name" in update_complex.cache_subnet_group'
+ - '"subnet_ids" in update_complex.cache_subnet_group'
+ - '"vpc_id" in update_complex.cache_subnet_group'
+ - update_complex.cache_subnet_group.description == description_updated
+ - update_complex.cache_subnet_group.name == group_name
+ - subnet_id_a in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_b in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_c not in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_d not in update_complex.cache_subnet_group.subnet_ids
+ - update_complex.cache_subnet_group.vpc_id == vpc_id
+ - update_complex.cache_subnet_group.arn.startswith('arn:')
+ - update_complex.cache_subnet_group.arn.endswith(group_name)
+
+ - name: Full Update Subnet Group - idempotency - check_mode
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ check_mode: True
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is not changed
+
+ - name: Full Update Subnet Group - idempotency
+ elasticache_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group - idempotency
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is not changed
+ - '"cache_subnet_group" in update_complex'
+ - '"arn" in update_complex.cache_subnet_group'
+ - '"description" in update_complex.cache_subnet_group'
+ - '"name" in update_complex.cache_subnet_group'
+ - '"subnet_ids" in update_complex.cache_subnet_group'
+ - '"vpc_id" in update_complex.cache_subnet_group'
+ - update_complex.cache_subnet_group.description == description_updated
+ - update_complex.cache_subnet_group.name == group_name
+ - subnet_id_a in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_b in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_c not in update_complex.cache_subnet_group.subnet_ids
+ - subnet_id_d not in update_complex.cache_subnet_group.subnet_ids
+ - update_complex.cache_subnet_group.vpc_id == vpc_id
+ - update_complex.cache_subnet_group.arn.startswith('arn:')
+ - update_complex.cache_subnet_group.arn.endswith(group_name)
+
+ # ============================================================
+
+ - name: Delete Subnet Group
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group
+ assert:
+ that:
+ - delete_group is changed
+
+ always:
+
+ ################################################
+ # TEARDOWN STARTS HERE
+ ################################################
+
+ - name: Delete Subnet Group
+ elasticache_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ ignore_errors: True
+
+ - name: tidy up subnet
+ ec2_vpc_subnet:
+ state: absent
+ cidr: '{{ item }}'
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ loop:
+ - '{{ subnet_cidr_a }}'
+ - '{{ subnet_cidr_b }}'
+ - '{{ subnet_cidr_c }}'
+ - '{{ subnet_cidr_d }}'
+ ignore_errors: True
+
+ - name: tidy up VPC
+ ec2_vpc_net:
+ state: absent
+ name: '{{ vpc_name }}'
+ cidr_block: '{{ vpc_cidr }}'
+ ignore_errors: True
diff --git a/tests/integration/targets/elb_target/tasks/ec2_target.yml b/tests/integration/targets/elb_target/tasks/ec2_target.yml
index 108ffa4d30b..f350672cafe 100644
--- a/tests/integration/targets/elb_target/tasks/ec2_target.yml
+++ b/tests/integration/targets/elb_target/tasks/ec2_target.yml
@@ -17,7 +17,6 @@
- set_fact:
ec2_ami_image: '{{ ec2_amis.images[0].image_id }}'
-
- name: set up testing VPC
ec2_vpc_net:
name: "{{ resource_prefix }}-vpc"
@@ -119,6 +118,33 @@
tags:
Description: "Created by {{ resource_prefix }}"
+ - name: set up testing target group for NLB (type=instance)
+ elb_target_group:
+ name: "{{ tg_name }}-nlb"
+ health_check_port: 80
+ protocol: tcp
+ port: 80
+ vpc_id: '{{ vpc.vpc.id }}'
+ state: present
+ target_type: instance
+ tags:
+ Description: "Created by {{ resource_prefix }}"
+ register: result
+
+ - name: set up testing target group for NLB (type=instance)
+ assert:
+ that:
+ - result.changed
+ - '"health_check_port" in result'
+ - result.port == 80
+ - '"health_check_protocol" in result'
+ - result.health_check_protocol == 'TCP'
+ - '"tags" in result'
+ - '"target_group_arn" in result'
+ - result.target_group_name == "{{ tg_name }}-nlb"
+ - result.target_type == 'instance'
+ - result.vpc_id == '{{ vpc.vpc.id }}'
+
- name: set up ec2 instance to use as a target
ec2_instance:
name: "{{ resource_prefix }}-inst"
@@ -161,6 +187,98 @@
TargetGroupName: "{{ tg_name }}-used"
state: present
+ - name: create a network load balancer
+ elb_network_lb:
+ name: "{{ lb_name }}-nlb"
+ subnets:
+ - "{{ subnet_1.subnet.id }}"
+ - "{{ subnet_2.subnet.id }}"
+ listeners:
+ - Protocol: TCP
+ Port: 80
+ DefaultActions:
+ - Type: forward
+ TargetGroupName: "{{ tg_name }}-nlb"
+ state: present
+ register: result
+
+ - name: create a netwok load balancer
+ assert:
+ that:
+ - result.changed
+ - '"created_time" in result'
+ - '"load_balancer_arn" in result'
+ - '"tags" in result'
+ - result.type == 'network'
+ - result.vpc_id == '{{ vpc.vpc.id }}'
+
+ - name: modify up testing target group for NLB (preserve_client_ip_enabled=false)
+ elb_target_group:
+ name: "{{ tg_name }}-nlb"
+ health_check_port: 80
+ protocol: tcp
+ port: 80
+ vpc_id: '{{ vpc.vpc.id }}'
+ state: present
+ target_type: instance
+ modify_targets: true
+ preserve_client_ip_enabled: false
+ tags:
+ Description: "Created by {{ resource_prefix }}"
+ register: result
+
+ - name: modify up testing target group for NLB (preserve_client_ip_enabled=false)
+ assert:
+ that:
+ - result.changed
+ - result.preserve_client_ip_enabled == 'false'
+ - result.proxy_protocol_v2_enabled == 'false'
+
+ - name: modify up testing target group for NLB (proxy_protocol_v2_enabled=true)
+ elb_target_group:
+ name: "{{ tg_name }}-nlb"
+ health_check_port: 80
+ protocol: tcp
+ port: 80
+ vpc_id: '{{ vpc.vpc.id }}'
+ state: present
+ target_type: instance
+ modify_targets: true
+ proxy_protocol_v2_enabled: true
+ tags:
+ Description: "Created by {{ resource_prefix }}"
+ register: result
+
+ - name: modify up testing target group for NLB (proxy_protocol_v2_enabled=true)
+ assert:
+ that:
+ - result.changed
+ - result.proxy_protocol_v2_enabled == 'true'
+ - result.preserve_client_ip_enabled == 'false'
+
+ - name: (idempotence) modify up testing target group for NLB (preserve_client_ip_enabled=false and proxy_protocol_v2_enabled=true)
+ elb_target_group:
+ name: "{{ tg_name }}-nlb"
+ health_check_port: 80
+ protocol: tcp
+ port: 80
+ vpc_id: '{{ vpc.vpc.id }}'
+ state: present
+ target_type: instance
+ modify_targets: true
+ preserve_client_ip_enabled: false
+ proxy_protocol_v2_enabled: true
+ tags:
+ Description: "Created by {{ resource_prefix }}"
+ register: result
+
+ - name: (idempotence) modify up testing target group for NLB (preserve_client_ip_enabled=false and proxy_protocol_v2_enabled=true)
+ assert:
+ that:
+ - not result.changed
+ - result.proxy_protocol_v2_enabled == 'true'
+ - result.preserve_client_ip_enabled == 'false'
+
# ============================================================
- name:
@@ -363,6 +481,26 @@
- "{{ tg_tcpudp_name }}"
ignore_errors: true
+ - name: remove tcp testing target groups
+ elb_target_group:
+ name: "{{ item }}"
+ protocol: tcp
+ port: 80
+ vpc_id: '{{ vpc.vpc.id }}'
+ state: absent
+ target_type: instance
+ tags:
+ Description: "Created by {{ resource_prefix }}"
+ Protocol: "UDP"
+ wait: true
+ wait_timeout: 400
+ register: removed
+ retries: 10
+ until: removed is not failed
+ with_items:
+ - "{{ tg_name }}-nlb"
+ ignore_errors: true
+
- name: remove application load balancer
elb_application_lb:
name: "{{ lb_name }}"
@@ -385,6 +523,26 @@
until: removed is not failed
ignore_errors: true
+ - name: remove network load balancer
+ elb_network_lb:
+ name: "{{ lb_name }}-nlb"
+ subnets:
+ - "{{ subnet_1.subnet.id }}"
+ - "{{ subnet_2.subnet.id }}"
+ listeners:
+ - Protocol: TCP
+ Port: 80
+ DefaultActions:
+ - Type: forward
+ TargetGroupName: "{{ tg_name }}-nlb"
+ state: absent
+ wait: true
+ wait_timeout: 400
+ register: removed
+ retries: 10
+ until: removed is not failed
+ ignore_errors: true
+
- name: remove testing security group
ec2_group:
state: absent
diff --git a/tests/integration/targets/iam_server_certificate/aliases b/tests/integration/targets/iam_server_certificate/aliases
new file mode 100644
index 00000000000..98e604ec4b3
--- /dev/null
+++ b/tests/integration/targets/iam_server_certificate/aliases
@@ -0,0 +1,3 @@
+cloud/aws
+
+iam_server_certificate_info
diff --git a/tests/integration/targets/iam_server_certificate/defaults/main.yml b/tests/integration/targets/iam_server_certificate/defaults/main.yml
new file mode 100644
index 00000000000..ed97d539c09
--- /dev/null
+++ b/tests/integration/targets/iam_server_certificate/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/tests/integration/targets/iam_server_certificate/meta/main.yml b/tests/integration/targets/iam_server_certificate/meta/main.yml
new file mode 100644
index 00000000000..cb6005d042c
--- /dev/null
+++ b/tests/integration/targets/iam_server_certificate/meta/main.yml
@@ -0,0 +1,3 @@
+dependencies:
+ - prepare_tests
+ - setup_remote_tmp_dir
diff --git a/tests/integration/targets/iam_server_certificate/tasks/main.yml b/tests/integration/targets/iam_server_certificate/tasks/main.yml
new file mode 100644
index 00000000000..f0c6946728a
--- /dev/null
+++ b/tests/integration/targets/iam_server_certificate/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+# iam_server_certificate integration tests
+#
+# Current module limitations:
+#
+- module_defaults:
+ group/aws:
+ aws_access_key: '{{ aws_access_key }}'
+ aws_secret_key: '{{ aws_secret_key }}'
+ security_token: '{{ security_token | default(omit) }}'
+ region: '{{ aws_region }}'
+ block:
+ # Check that the alias works
+ - iam_cert: {}
+ ignore_errors: true
+ register: iam_cert_alias
+
+ - iam_server_certificate: {}
+ ignore_errors: true
+ register: no_args
+
+ - assert:
+ that:
+ - iam_cert_alias is failed
+ - no_args is failed
+ - no_args.msg == iam_cert_alias.msg
+ - no_args.msg.startswith('missing required arguments')
+
+ always:
+ - debug: msg=test
+
+ ################################################
+ # TEARDOWN STARTS HERE
+ ################################################
diff --git a/tests/integration/targets/redshift_subnet_group/aliases b/tests/integration/targets/redshift_subnet_group/aliases
new file mode 100644
index 00000000000..4ef4b2067d0
--- /dev/null
+++ b/tests/integration/targets/redshift_subnet_group/aliases
@@ -0,0 +1 @@
+cloud/aws
diff --git a/tests/integration/targets/redshift_subnet_group/defaults/main.yml b/tests/integration/targets/redshift_subnet_group/defaults/main.yml
new file mode 100644
index 00000000000..ea8921880a9
--- /dev/null
+++ b/tests/integration/targets/redshift_subnet_group/defaults/main.yml
@@ -0,0 +1,42 @@
+---
+availability_zone: '{{ ec2_availability_zone_names[0] }}'
+
+vpc_name: '{{ resource_prefix }}'
+subnet_name_a: '{{ resource_prefix }}-a'
+subnet_name_b: '{{ resource_prefix }}-b'
+subnet_name_c: '{{ resource_prefix }}-c'
+subnet_name_d: '{{ resource_prefix }}-d'
+
+vpc_cidr: '10.{{ 256 | random(seed=resource_prefix) }}.0.0/16'
+subnet_cidr_a: '10.{{ 256 | random(seed=resource_prefix) }}.1.0/24'
+subnet_cidr_b: '10.{{ 256 | random(seed=resource_prefix) }}.2.0/24'
+subnet_cidr_c: '10.{{ 256 | random(seed=resource_prefix) }}.3.0/24'
+subnet_cidr_d: '10.{{ 256 | random(seed=resource_prefix) }}.4.0/24'
+
+subnet_zone_a: '{{ ec2_availability_zone_names[0] }}'
+subnet_zone_b: '{{ ec2_availability_zone_names[1] }}'
+subnet_zone_c: '{{ ec2_availability_zone_names[0] }}'
+subnet_zone_d: '{{ ec2_availability_zone_names[1] }}'
+
+group_name: '{{ resource_prefix }}'
+description_default: 'Subnet Description'
+description_updated: 'updated subnet description'
+
+# Tagging not currently supported, planned with boto3 upgrade
+tags_default:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+ PascalCaseKey: PascalCaseValue
+ 'key with spaces': value with spaces
+ 'Upper With Spaces': Upper With Spaces
+
+partial_tags:
+ snake_case_key: snake_case_value
+ camelCaseKey: camelCaseValue
+
+updated_tags:
+ updated_snake_case_key: updated_snake_case_value
+ updatedCamelCaseKey: updatedCamelCaseValue
+ UpdatedPascalCaseKey: UpdatedPascalCaseValue
+ 'updated key with spaces': updated value with spaces
+ 'updated Upper With Spaces': Updated Upper With Spaces
diff --git a/tests/integration/targets/redshift_subnet_group/meta/main.yml b/tests/integration/targets/redshift_subnet_group/meta/main.yml
new file mode 100644
index 00000000000..930e8622824
--- /dev/null
+++ b/tests/integration/targets/redshift_subnet_group/meta/main.yml
@@ -0,0 +1,3 @@
+dependencies:
+ - prepare_tests
+ - setup_ec2_facts
diff --git a/tests/integration/targets/redshift_subnet_group/tasks/main.yml b/tests/integration/targets/redshift_subnet_group/tasks/main.yml
new file mode 100644
index 00000000000..e15ee9b9313
--- /dev/null
+++ b/tests/integration/targets/redshift_subnet_group/tasks/main.yml
@@ -0,0 +1,692 @@
+---
+# redshift_subnet_group integration tests
+#
+# Current module limitations:
+# - check_mode not supported
+# - Tagging not supported
+# - Module is not idempotent
+# - Returned values *very* limited
+#
+- module_defaults:
+ group/aws:
+ aws_access_key: '{{ aws_access_key }}'
+ aws_secret_key: '{{ aws_secret_key }}'
+ security_token: '{{ security_token | default(omit) }}'
+ region: '{{ aws_region }}'
+ block:
+
+ # ============================================================
+
+ - name: Create Subnet Group with no subnets - check_mode
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ register: create_group
+ ignore_errors: True
+ check_mode: True
+
+ - name: Check result - Create Subnet Group with no subnets - check_mode
+ assert:
+ that:
+ - create_group is failed
+ # Check we caught the issue before trying to create
+ - '"CreateClusterSubnetGroup" not in create_group.resource_actions'
+ # Check that we don't refer to the boto3 parameter
+ - '"subnetIds" not in create_group.msg'
+ # Loosely check the message
+ - '"subnet" in create_group.msg'
+ - '"At least" in create_group.msg'
+
+ - name: Create Subnet Group with no subnets
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ register: create_group
+ ignore_errors: True
+
+ - name: Check result - Create Subnet Group with no subnets
+ assert:
+ that:
+ - create_group is failed
+ # Check we caught the issue before trying to create
+ - '"CreateClusterSubnetGroup" not in create_group.resource_actions'
+ # Check that we don't refer to the boto3 parameter
+ - '"subnetIds" not in create_group.msg'
+ # Loosely check the message
+ - '"subnet" in create_group.msg'
+ - '"At least" in create_group.msg'
+
+ # ============================================================
+ # Setup infra needed for tests
+ - name: create a VPC
+ ec2_vpc_net:
+ state: present
+ name: '{{ vpc_name }}'
+ cidr_block: '{{ vpc_cidr }}'
+ tags:
+ TestPrefix: '{{ resource_prefix }}'
+ register: vpc_result
+
+ - name: create subnets
+ ec2_vpc_subnet:
+ state: present
+ cidr: '{{ item.cidr }}'
+ az: '{{ item.zone }}'
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ tags:
+ Name: '{{ item.name }}'
+ TestPrefix: '{{ resource_prefix }}'
+ register: vpc_subnet_create
+ loop:
+ - name: '{{ subnet_name_a }}'
+ cidr: '{{ subnet_cidr_a }}'
+ zone: '{{ subnet_zone_a }}'
+ - name: '{{ subnet_name_b }}'
+ cidr: '{{ subnet_cidr_b }}'
+ zone: '{{ subnet_zone_b }}'
+ - name: '{{ subnet_name_c }}'
+ cidr: '{{ subnet_cidr_c }}'
+ zone: '{{ subnet_zone_c }}'
+ - name: '{{ subnet_name_d }}'
+ cidr: '{{ subnet_cidr_d }}'
+ zone: '{{ subnet_zone_d }}'
+
+ - name: Store IDs of subnets and VPC
+ set_fact:
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ subnet_id_a: '{{ vpc_subnet_create.results[0].subnet.id }}'
+ subnet_id_b: '{{ vpc_subnet_create.results[1].subnet.id }}'
+ subnet_id_c: '{{ vpc_subnet_create.results[2].subnet.id }}'
+ subnet_id_d: '{{ vpc_subnet_create.results[3].subnet.id }}'
+
+ # ============================================================
+
+ - name: Create Subnet Group - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_default }}'
+ group_subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+ check_mode: True
+
+ - name: Check result - Create Subnet Group - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+
+ - name: Create Subnet Group
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_default }}'
+ group_subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+
+ - name: Check result - Create Subnet Group
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+ - '"group" in create_group'
+ - '"name" in create_group.group'
+ - '"vpc_id" in create_group.group'
+ - create_group.group.name == group_name
+ - create_group.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in create_group'
+ - '"description" in create_group.cluster_subnet_group'
+ - '"subnet_ids" in create_group.cluster_subnet_group'
+ - '"vpc_id" in create_group.cluster_subnet_group'
+ - create_group.cluster_subnet_group.name == group_name
+ - create_group.cluster_subnet_group.description == description_default
+ - subnet_id_a in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_b in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cluster_subnet_group.subnet_ids
+ - create_group.cluster_subnet_group.vpc_id == vpc_id
+
+ - name: Create Subnet Group - idempotency - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_default }}'
+ group_subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+ check_mode: True
+
+ - name: Check result - Create Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+
+ - name: Create Subnet Group - idempotency
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_default }}'
+ group_subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: create_group
+
+ - name: Check result - Create Subnet Group - idempotency
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+ - '"group" in create_group'
+ - '"name" in create_group.group'
+ - '"vpc_id" in create_group.group'
+ - create_group.group.name == group_name
+ - create_group.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in create_group'
+ - '"description" in create_group.cluster_subnet_group'
+ - '"subnet_ids" in create_group.cluster_subnet_group'
+ - '"vpc_id" in create_group.cluster_subnet_group'
+ - create_group.cluster_subnet_group.name == group_name
+ - create_group.cluster_subnet_group.description == description_default
+ - subnet_id_a in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_b in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cluster_subnet_group.subnet_ids
+ - create_group.cluster_subnet_group.vpc_id == vpc_id
+
+ # ============================================================
+
+ - name: Update Subnet Group Description - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_updated }}'
+ ## No longer mandatory
+ # group_subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+ check_mode: True
+
+ - name: Check result - Update Subnet Group Description - check_mode
+ assert:
+ that:
+ - update_description is successful
+ - update_description is changed
+
+ - name: Update Subnet Group Description
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_updated }}'
+ ## No longer mandatory
+ # group_subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description
+ assert:
+ that:
+ - update_description is successful
+ - update_description is changed
+ - '"group" in update_description'
+ - '"name" in update_description.group'
+ - '"vpc_id" in update_description.group'
+ - update_description.group.name == group_name
+ - update_description.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_description'
+ - '"description" in update_description.cluster_subnet_group'
+ - '"subnet_ids" in update_description.cluster_subnet_group'
+ - '"vpc_id" in update_description.cluster_subnet_group'
+ - update_description.cluster_subnet_group.name == group_name
+ - update_description.cluster_subnet_group.description == description_updated
+ - subnet_id_a in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_b in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in update_description.cluster_subnet_group.subnet_ids
+ - update_description.cluster_subnet_group.vpc_id == vpc_id
+
+ - name: Update Subnet Group Description - idempotency - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_updated }}'
+ ## No longer mandatory
+ # group_subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+ check_mode: True
+
+ - name: Check result - Update Subnet Group Description - idempotency - check_mode
+ assert:
+ that:
+ - update_description is successful
+ - update_description is not changed
+
+ - name: Update Subnet Group Description - idempotency
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ group_description: '{{ description_updated }}'
+ ## No longer mandatory
+ # group_subnets:
+ # - '{{ subnet_id_a }}'
+ # - '{{ subnet_id_b }}'
+ register: update_description
+
+ - name: Check result - Update Subnet Group Description - idempotency
+ assert:
+ that:
+ - update_description is successful
+ - update_description is not changed
+ - '"group" in update_description'
+ - '"name" in update_description.group'
+ - '"vpc_id" in update_description.group'
+ - update_description.group.name == group_name
+ - update_description.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_description'
+ - '"description" in update_description.cluster_subnet_group'
+ - '"subnet_ids" in update_description.cluster_subnet_group'
+ - '"vpc_id" in update_description.cluster_subnet_group'
+ - update_description.cluster_subnet_group.name == group_name
+ - update_description.cluster_subnet_group.description == description_updated
+ - subnet_id_a in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_b in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in update_description.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in update_description.cluster_subnet_group.subnet_ids
+ - update_description.cluster_subnet_group.vpc_id == vpc_id
+
+ # ============================================================
+
+ - name: Update Subnet Group subnets - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ ## No longer mandatory
+ # group_description: '{{ description_updated }}'
+ group_subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+ check_mode: True
+
+ - name: Check result - Update Subnet Group subnets - check_mode
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is changed
+
+ - name: Update Subnet Group subnets
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ ## No longer mandatory
+ # group_description: '{{ description_updated }}'
+ group_subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is changed
+ - '"group" in update_subnets'
+ - '"name" in update_subnets.group'
+ - '"vpc_id" in update_subnets.group'
+ - update_subnets.group.name == group_name
+ - update_subnets.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_subnets'
+ - '"description" in update_subnets.cluster_subnet_group'
+ - '"subnet_ids" in update_subnets.cluster_subnet_group'
+ - '"vpc_id" in update_subnets.cluster_subnet_group'
+ - update_subnets.cluster_subnet_group.name == group_name
+ - update_subnets.cluster_subnet_group.description == description_updated
+ - subnet_id_a not in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_b not in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_c in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_d in update_subnets.cluster_subnet_group.subnet_ids
+ - update_subnets.cluster_subnet_group.vpc_id == vpc_id
+
+ - name: Update Subnet Group subnets - idempotency - check_mode
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ ## No longer mandatory
+ # group_description: '{{ description_updated }}'
+ group_subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+ check_mode: True
+
+ - name: Check result - Update Subnet Group subnets - idempotency - check_mode
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is not changed
+
+ - name: Update Subnet Group subnets - idempotency
+ redshift_subnet_group:
+ state: present
+ group_name: '{{ group_name }}'
+ ## No longer mandatory
+ # group_description: '{{ description_updated }}'
+ group_subnets:
+ - '{{ subnet_id_c }}'
+ - '{{ subnet_id_d }}'
+ register: update_subnets
+
+ - name: Check result - Update Subnet Group subnets - idempotency
+ assert:
+ that:
+ - update_subnets is successful
+ - update_subnets is not changed
+ - '"group" in update_subnets'
+ - '"name" in update_subnets.group'
+ - '"vpc_id" in update_subnets.group'
+ - update_subnets.group.name == group_name
+ - update_subnets.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_subnets'
+ - '"description" in update_subnets.cluster_subnet_group'
+ - '"subnet_ids" in update_subnets.cluster_subnet_group'
+ - '"vpc_id" in update_subnets.cluster_subnet_group'
+ - update_subnets.cluster_subnet_group.name == group_name
+ - update_subnets.cluster_subnet_group.description == description_updated
+ - subnet_id_a not in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_b not in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_c in update_subnets.cluster_subnet_group.subnet_ids
+ - subnet_id_d in update_subnets.cluster_subnet_group.subnet_ids
+ - update_subnets.cluster_subnet_group.vpc_id == vpc_id
+
+ # ============================================================
+
+ - name: Delete Subnet Group - check_mode
+ redshift_subnet_group:
+ state: absent
+ group_name: '{{ group_name }}'
+ register: delete_group
+ check_mode: True
+
+ - name: Check result - Delete Subnet Group - check_mode
+ assert:
+ that:
+ - delete_group is changed
+
+ - name: Delete Subnet Group
+ redshift_subnet_group:
+ state: absent
+ group_name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group
+ assert:
+ that:
+ - delete_group is changed
+
+ - name: Delete Subnet Group - idempotency - check_mode
+ redshift_subnet_group:
+ state: absent
+ group_name: '{{ group_name }}'
+ register: delete_group
+ check_mode: True
+
+ - name: Check result - Delete Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - delete_group is not changed
+
+ - name: Delete Subnet Group - idempotency
+ redshift_subnet_group:
+ state: absent
+ group_name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group - idempotency
+ assert:
+ that:
+ - delete_group is not changed
+
+ # ============================================================
+
+ - name: Create minimal Subnet Group - check_mode
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+ check_mode: True
+
+ - name: Check result - Create minimal Subnet Group - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+
+ - name: Create minimal Subnet Group
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group
+ assert:
+ that:
+ - create_group is successful
+ - create_group is changed
+ - '"group" in create_group'
+ - '"name" in create_group.group'
+ - '"vpc_id" in create_group.group'
+ - create_group.group.name == group_name
+ - create_group.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in create_group'
+ - '"description" in create_group.cluster_subnet_group'
+ - '"subnet_ids" in create_group.cluster_subnet_group'
+ - '"vpc_id" in create_group.cluster_subnet_group'
+ - create_group.cluster_subnet_group.name == group_name
+ - create_group.cluster_subnet_group.description == group_name
+ - subnet_id_a in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_b not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cluster_subnet_group.subnet_ids
+ - create_group.cluster_subnet_group.vpc_id == vpc_id
+
+ - name: Create minimal Subnet Group - idempotency - check_mode
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+ check_mode: True
+
+ - name: Check result - Create minimal Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+
+ - name: Create minimal Subnet Group - idempotency
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ register: create_group
+
+ - name: Check result - Create minimal Subnet Group - idempotency
+ assert:
+ that:
+ - create_group is successful
+ - create_group is not changed
+ - '"group" in create_group'
+ - '"name" in create_group.group'
+ - '"vpc_id" in create_group.group'
+ - create_group.group.name == group_name
+ - create_group.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in create_group'
+ - '"description" in create_group.cluster_subnet_group'
+ - '"subnet_ids" in create_group.cluster_subnet_group'
+ - '"vpc_id" in create_group.cluster_subnet_group'
+ - create_group.cluster_subnet_group.name == group_name
+ - create_group.cluster_subnet_group.description == group_name
+ - subnet_id_a in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_b not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in create_group.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in create_group.cluster_subnet_group.subnet_ids
+ - create_group.cluster_subnet_group.vpc_id == vpc_id
+
+ # ============================================================
+
+ - name: Full Update Subnet Group - check_mode
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+ check_mode: True
+
+ - name: Check result - Full Update Subnet Group - check_mode
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is changed
+
+ - name: Full Update Subnet Group
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is changed
+ - '"group" in update_complex'
+ - '"name" in update_complex.group'
+ - '"vpc_id" in update_complex.group'
+ - update_complex.group.name == group_name
+ - update_complex.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_complex'
+ - '"description" in update_complex.cluster_subnet_group'
+ - '"subnet_ids" in update_complex.cluster_subnet_group'
+ - '"vpc_id" in update_complex.cluster_subnet_group'
+ - update_complex.cluster_subnet_group.name == group_name
+ - update_complex.cluster_subnet_group.description == description_updated
+ - subnet_id_a in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_b in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in update_complex.cluster_subnet_group.subnet_ids
+ - update_complex.cluster_subnet_group.vpc_id == vpc_id
+
+ - name: Full Update Subnet Group - idempotency - check_mode
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+ check_mode: True
+
+ - name: Check result - Full Update Subnet Group - idempotency - check_mode
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is not changed
+
+ - name: Full Update Subnet Group - idempotency
+ redshift_subnet_group:
+ state: present
+ name: '{{ group_name }}'
+ description: '{{ description_updated }}'
+ subnets:
+ - '{{ subnet_id_a }}'
+ - '{{ subnet_id_b }}'
+ register: update_complex
+
+ - name: Check result - Full Update Subnet Group - idempotency
+ assert:
+ that:
+ - update_complex is successful
+ - update_complex is not changed
+ - '"group" in update_complex'
+ - '"name" in update_complex.group'
+ - '"vpc_id" in update_complex.group'
+ - update_complex.group.name == group_name
+ - update_complex.group.vpc_id == vpc_id
+ - '"cluster_subnet_group" in update_complex'
+ - '"description" in update_complex.cluster_subnet_group'
+ - '"subnet_ids" in update_complex.cluster_subnet_group'
+ - '"vpc_id" in update_complex.cluster_subnet_group'
+ - update_complex.cluster_subnet_group.name == group_name
+ - update_complex.cluster_subnet_group.description == description_updated
+ - subnet_id_a in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_b in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_c not in update_complex.cluster_subnet_group.subnet_ids
+ - subnet_id_d not in update_complex.cluster_subnet_group.subnet_ids
+ - update_complex.cluster_subnet_group.vpc_id == vpc_id
+
+ # ============================================================
+
+ - name: Delete Subnet Group
+ redshift_subnet_group:
+ state: absent
+ name: '{{ group_name }}'
+ register: delete_group
+
+ - name: Check result - Delete Subnet Group
+ assert:
+ that:
+ - delete_group is changed
+
+ always:
+
+ ################################################
+ # TEARDOWN STARTS HERE
+ ################################################
+
+ - name: Delete Subnet Group
+ redshift_subnet_group:
+ state: absent
+ group_name: '{{ group_name }}'
+ ignore_errors: True
+
+ - name: tidy up subnet
+ ec2_vpc_subnet:
+ state: absent
+ cidr: '{{ item }}'
+ vpc_id: '{{ vpc_result.vpc.id }}'
+ loop:
+ - '{{ subnet_cidr_a }}'
+ - '{{ subnet_cidr_b }}'
+ - '{{ subnet_cidr_c }}'
+ - '{{ subnet_cidr_d }}'
+ ignore_errors: True
+
+ - name: tidy up VPC
+ ec2_vpc_net:
+ state: absent
+ name: '{{ vpc_name }}'
+ cidr_block: '{{ vpc_cidr }}'
+ ignore_errors: True
diff --git a/tests/integration/targets/route53/tasks/main.yml b/tests/integration/targets/route53/tasks/main.yml
index 18f10ae2987..ae80586dbe8 100644
--- a/tests/integration/targets/route53/tasks/main.yml
+++ b/tests/integration/targets/route53/tasks/main.yml
@@ -503,6 +503,42 @@
- alias_record is not failed
- alias_record is not changed
+ - name: 'Create a weighted record'
+ route53:
+ state: present
+ zone: '{{ zone_one }}'
+ record: 'weighted.{{ zone_one }}'
+ type: CNAME
+ value: 'zid_test.{{ zone_one }}'
+ overwrite: True
+ identifier: "host1@www"
+ weight: 100
+ region: '{{ omit }}'
+ register: weighted_record
+ - name: 'This should be changed'
+ assert:
+ that:
+ - weighted_record is not failed
+ - weighted_record is changed
+
+ - name: 'Re-Create a weighted record'
+ route53:
+ state: present
+ zone: '{{ zone_one }}'
+ record: 'weighted.{{ zone_one }}'
+ type: CNAME
+ value: 'zid_test.{{ zone_one }}'
+ overwrite: True
+ identifier: "host1@www"
+ weight: 100
+ region: '{{ omit }}'
+ register: weighted_record
+ - name: 'This should not be changed'
+ assert:
+ that:
+ - weighted_record is not failed
+ - weighted_record is not changed
+
always:
- route53_info:
query: record_sets
@@ -521,6 +557,20 @@
loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}'
when:
- '"AliasTarget" in item'
+ - name: 'Loop over A/AAAA/CNAME records and delete them'
+ route53:
+ state: absent
+ zone: '{{ zone_one }}'
+ record: '{{ item.Name }}'
+ type: '{{ item.Type }}'
+ value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}'
+ identifier: '{{ item.SetIdentifier }}'
+ region: '{{ omit }}'
+ ignore_errors: True
+ loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}'
+ when:
+ - '"ResourceRecords" in item'
+ - '"SetIdentifier" in item'
- name: 'Loop over A/AAAA/CNAME records and delete them'
route53:
state: absent
@@ -551,6 +601,21 @@
loop: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}'
when:
- '"AliasTarget" in item'
+ - name: 'Loop over A/AAAA/CNAME records and delete them'
+ route53:
+ state: absent
+ zone: '{{ zone_two }}'
+ record: '{{ item.Name }}'
+ type: '{{ item.Type }}'
+ value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}'
+ identifier: '{{ item.SetIdentifier }}'
+ region: '{{ omit }}'
+ private_zone: true
+ ignore_errors: True
+ loop: '{{ z2_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}'
+ when:
+ - '"ResourceRecords" in item'
+ - '"SetIdentifier" in item'
- name: 'Loop over A/AAAA/CNAME records and delete them'
route53:
state: absent
diff --git a/tests/integration/targets/setup_botocore_pip/defaults/main.yml b/tests/integration/targets/setup_botocore_pip/defaults/main.yml
new file mode 100644
index 00000000000..5a50b775907
--- /dev/null
+++ b/tests/integration/targets/setup_botocore_pip/defaults/main.yml
@@ -0,0 +1,2 @@
+default_botocore_version: '1.18.0'
+default_boto3_version: '1.15.0'
diff --git a/tests/integration/targets/setup_botocore_pip/handlers/main.yml b/tests/integration/targets/setup_botocore_pip/handlers/main.yml
new file mode 100644
index 00000000000..2536d1ac773
--- /dev/null
+++ b/tests/integration/targets/setup_botocore_pip/handlers/main.yml
@@ -0,0 +1,2 @@
+- name: 'Delete temporary pip environment'
+ include_tasks: cleanup.yml
diff --git a/tests/integration/targets/setup_botocore_pip/tasks/cleanup.yml b/tests/integration/targets/setup_botocore_pip/tasks/cleanup.yml
new file mode 100644
index 00000000000..25b3ec27efc
--- /dev/null
+++ b/tests/integration/targets/setup_botocore_pip/tasks/cleanup.yml
@@ -0,0 +1,5 @@
+- name: 'Delete temporary pip environment'
+ file:
+ path: "{{ botocore_pip_directory }}"
+ state: absent
+ no_log: yes
diff --git a/tests/integration/targets/setup_botocore_pip/tasks/main.yml b/tests/integration/targets/setup_botocore_pip/tasks/main.yml
new file mode 100644
index 00000000000..b183b7d726d
--- /dev/null
+++ b/tests/integration/targets/setup_botocore_pip/tasks/main.yml
@@ -0,0 +1,42 @@
+- name: 'Ensure that we have virtualenv available to us'
+ pip:
+ name: virtualenv
+
+- name: 'Create temporary directory for pip environment'
+ tempfile:
+ state: directory
+ prefix: botocore
+ suffix: .test
+ register: botocore_pip_directory
+ notify:
+ - 'Delete temporary pip environment'
+
+- name: 'Record temporary directory'
+ set_fact:
+ botocore_pip_directory: "{{ botocore_pip_directory.path }}"
+
+- set_fact:
+ botocore_virtualenv: "{{ botocore_pip_directory }}/virtualenv"
+ botocore_virtualenv_command: "{{ ansible_python_interpreter }} -m virtualenv"
+
+- set_fact:
+ botocore_virtualenv_interpreter: "{{ botocore_virtualenv }}/bin/python"
+
+- pip:
+ name:
+ - 'boto3{{ _boto3_comparison }}{{ _boto3_version }}'
+ - 'botocore{{ _botocore_comparison }}{{ _botocore_version }}'
+ - 'coverage<5'
+ virtualenv: "{{ botocore_virtualenv }}"
+ virtualenv_command: "{{ botocore_virtualenv_command }}"
+ virtualenv_site_packages: no
+ vars:
+ _boto3_version: '{{ boto3_version | default(default_boto3_version) }}'
+ _botocore_version: '{{ botocore_version | default(default_botocore_version) }}'
+ _is_default_boto3: '{{ _boto3_version == default_boto3_version }}'
+ _is_default_botocore: '{{ _botocore_version == default_botocore_version }}'
+ # Only set the default to >= if the other dep has been updated and the dep has not been set
+ _default_boto3_comparison: '{% if _is_default_boto3 and not _is_default_botocore %}>={% else %}=={% endif %}'
+ _default_botocore_comparison: '{% if _is_default_botocore and not _is_default_boto3 %}>={% else %}=={% endif %}'
+ _boto3_comparison: '{{ boto3_comparison | default(_default_boto3_comparison) }}'
+ _botocore_comparison: '{{ botocore_comparison | default(_default_botocore_comparison) }}'
diff --git a/tests/integration/targets/setup_ec2_facts/defaults/main.yml b/tests/integration/targets/setup_ec2_facts/defaults/main.yml
new file mode 100644
index 00000000000..a09e9a53707
--- /dev/null
+++ b/tests/integration/targets/setup_ec2_facts/defaults/main.yml
@@ -0,0 +1,3 @@
+ec2_ami_name: 'Fedora-Cloud-Base-*.x86_64*'
+ec2_ami_owner_id: '125523088429'
+ec2_ami_ssh_user: 'fedora'
diff --git a/tests/integration/targets/setup_ec2_facts/tasks/main.yml b/tests/integration/targets/setup_ec2_facts/tasks/main.yml
new file mode 100644
index 00000000000..f41791073a3
--- /dev/null
+++ b/tests/integration/targets/setup_ec2_facts/tasks/main.yml
@@ -0,0 +1,53 @@
+---
+# Setup a couple of common facts about the AWS Region
+#
+# Information about availablity zones
+# - ec2_availability_zone_names
+#
+# An EC2 AMI that can be used for spinning up Instances performs as search
+# rather than hardcoding the IDs so we're not limited to specific Regions
+# - ec2_ami_id
+#
+- module_defaults:
+ group/aws:
+ aws_access_key: '{{ aws_access_key }}'
+ aws_secret_key: '{{ aws_secret_key }}'
+ security_token: '{{ security_token | default(omit) }}'
+ region: '{{ aws_region }}'
+
+ run_once: True
+ block:
+ # ============================================================
+
+ - name: Get available AZs
+ aws_az_info:
+ filters:
+ region-name: '{{ aws_region }}'
+ register: _az_info
+
+ - name: Pick an AZ
+ set_fact:
+ ec2_availability_zone_names: '{{ _az_info.availability_zones | selectattr("zone_name", "defined") | map(attribute="zone_name") | list }}'
+
+ # ============================================================
+
+ - name: Get a list of images
+ ec2_ami_info:
+ filters:
+ name: '{{ ec2_ami_name }}'
+ owner-id: '{{ ec2_ami_owner_id }}'
+ architecture: x86_64
+ virtualization-type: hvm
+ root-device-type: ebs
+ register: _images_info
+ # Very spammy
+ no_log: True
+
+ - name: Set Fact for latest AMI
+ vars:
+ latest_image: '{{ _images_info.images | sort(attribute="creation_date") | reverse | first }}'
+ set_fact:
+ ec2_ami_id: '{{ latest_image.image_id }}'
+ ec2_ami_details: '{{ latest_image }}'
+ ec2_ami_root_disk: '{{ latest_image.block_device_mappings[0].device_name }}'
+ ec2_ami_ssh_user: '{{ ec2_ami_ssh_user }}'
diff --git a/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py b/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py
new file mode 100644
index 00000000000..ea2f51b0f4c
--- /dev/null
+++ b/tests/integration/targets/setup_sshkey/files/ec2-fingerprint.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python
+"""
+Reads an OpenSSH Public key and spits out the 'AWS' MD5 sum
+The equivalent of
+
+ssh-keygen -f id_rsa.pub -e -m PKCS8 | openssl pkey -pubin -outform DER | openssl md5 -c | cut -f 2 -d ' '
+
+(but without needing the OpenSSL CLI)
+"""
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+import hashlib
+import sys
+from Crypto.PublicKey import RSA
+
+if len(sys.argv) == 0:
+ ssh_public_key = "id_rsa.pub"
+else:
+ ssh_public_key = sys.argv[1]
+
+with open(ssh_public_key, 'r') as key_fh:
+ data = key_fh.read()
+
+# Convert from SSH format to DER format
+public_key = RSA.importKey(data).exportKey('DER')
+md5digest = hashlib.md5(public_key).hexdigest()
+# Format the md5sum into the normal format
+pairs = zip(md5digest[::2], md5digest[1::2])
+md5string = ":".join(["".join(pair) for pair in pairs])
+
+print(md5string)
diff --git a/tests/integration/targets/setup_sshkey/tasks/main.yml b/tests/integration/targets/setup_sshkey/tasks/main.yml
new file mode 100644
index 00000000000..31bd2176e5c
--- /dev/null
+++ b/tests/integration/targets/setup_sshkey/tasks/main.yml
@@ -0,0 +1,71 @@
+# (c) 2014, James Laska
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+
+- name: create a temp dir
+ tempfile:
+ state: directory
+ register: sshkey_dir
+ tags:
+ - prepare
+
+- name: ensure script is available
+ copy:
+ src: ec2-fingerprint.py
+ dest: '{{ sshkey_dir.path }}/ec2-fingerprint.py'
+ mode: 0700
+ tags:
+ - prepare
+
+- name: Set location of SSH keys
+ set_fact:
+ sshkey: '{{ sshkey_dir.path }}/key_one'
+ another_sshkey: '{{ sshkey_dir.path }}/key_two'
+ sshkey_pub: '{{ sshkey_dir.path }}/key_one.pub'
+ another_sshkey_pub: '{{ sshkey_dir.path }}/key_two.pub'
+
+- name: generate sshkey
+ shell: echo 'y' | ssh-keygen -P '' -f '{{ sshkey }}'
+ tags:
+ - prepare
+
+- name: record fingerprint
+ shell: '{{ sshkey_dir.path }}/ec2-fingerprint.py {{ sshkey_pub }}'
+ register: fingerprint
+ tags:
+ - prepare
+
+- name: generate another_sshkey
+ shell: echo 'y' | ssh-keygen -P '' -f {{ another_sshkey }}
+ tags:
+ - prepare
+
+- name: record another fingerprint
+ shell: '{{ sshkey_dir.path }}/ec2-fingerprint.py {{ another_sshkey_pub }}'
+ register: another_fingerprint
+ tags:
+ - prepare
+
+- name: set facts for future roles
+ set_fact:
+ # Public SSH keys (OpenSSH format)
+ key_material: "{{ lookup('file', sshkey_pub) }}"
+ another_key_material: "{{ lookup('file', another_sshkey_pub) }}"
+ # AWS 'fingerprint' (md5digest)
+ fingerprint: '{{ fingerprint.stdout }}'
+ another_fingerprint: '{{ another_fingerprint.stdout }}'
+ tags:
+ - prepare
diff --git a/tests/integration/targets/sns_topic/tasks/main.yml b/tests/integration/targets/sns_topic/tasks/main.yml
index 891b162e4d2..94214b20fa9 100644
--- a/tests/integration/targets/sns_topic/tasks/main.yml
+++ b/tests/integration/targets/sns_topic/tasks/main.yml
@@ -127,7 +127,7 @@
delivery_policy:
http:
defaultHealthyRetryPolicy:
- minDelayTarget: 20
+ minDelayTarget: "20"
maxDelayTarget: 20
numRetries: 3
numMaxDelayRetries: 0
@@ -153,7 +153,7 @@
delivery_policy:
http:
defaultHealthyRetryPolicy:
- minDelayTarget: 20
+ minDelayTarget: "20"
maxDelayTarget: 20
numRetries: 3
numMaxDelayRetries: 0
@@ -179,7 +179,7 @@
delivery_policy:
http:
defaultHealthyRetryPolicy:
- minDelayTarget: 40
+ minDelayTarget: "40"
maxDelayTarget: 40
numRetries: 6
numMaxDelayRetries: 0
diff --git a/tests/requirements.yml b/tests/requirements.yml
index 27240dbf096..3480da42122 100644
--- a/tests/requirements.yml
+++ b/tests/requirements.yml
@@ -1,7 +1,7 @@
integration_tests_dependencies:
-- amazon.aws >= 1.5.0
+- amazon.aws >= 2.0.0
- ansible.windows
- community.crypto
- community.general
unit_tests_dependencies:
-- amazon.aws >= 1.5.0
+- amazon.aws >= 2.0.0
diff --git a/tests/sanity/ignore-2.13.txt b/tests/sanity/ignore-2.13.txt
new file mode 100644
index 00000000000..e5bade76474
--- /dev/null
+++ b/tests/sanity/ignore-2.13.txt
@@ -0,0 +1,3 @@
+plugins/modules/cloudfront_info.py pylint:unnecessary-comprehension # (new test) Should be an easy fix, but testing is a challenge - test are broken and aliases require a wildcard cert in ACM
+plugins/modules/iam.py pylint:unnecessary-comprehension # no tests and module is deprecated
+plugins/modules/route53.py validate-modules:parameter-state-invalid-choice # route53_info needs improvements before we can deprecate this
diff --git a/tests/unit/constraints.txt b/tests/unit/constraints.txt
new file mode 100644
index 00000000000..bd95eb26733
--- /dev/null
+++ b/tests/unit/constraints.txt
@@ -0,0 +1,7 @@
+# Specifically run tests against the oldest versions that we support
+boto3==1.15.0
+botocore==1.18.0
+
+# AWS CLI has `botocore==` dependencies, provide the one that matches botocore
+# to avoid needing to download over a years worth of awscli wheels.
+awscli==1.18.141
diff --git a/tests/unit/requirements.txt b/tests/unit/requirements.txt
index 4b10ff777a4..704c73a25b2 100644
--- a/tests/unit/requirements.txt
+++ b/tests/unit/requirements.txt
@@ -1,3 +1,6 @@
+# Our code is based on the AWS SDKs
+botocore
+boto3
+boto
+
placebo
-botocore>=1.16.0
-boto3>=1.13.0