Add pagination for IAM group API calls (#31554)

get_group and list_attached_policies_for_groups can be paginated
so add pagination handling.

Fixes #31545
pull/31702/head
Will Thames 7 years ago committed by ansibot
parent 6984eecdb9
commit 03abce2d39

@ -160,7 +160,7 @@ users:
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.ec2 import camel_dict_to_snake_dict, ec2_argument_spec, get_aws_connection_info, boto3_conn
from ansible.module_utils.ec2 import HAS_BOTO3
from ansible.module_utils.ec2 import HAS_BOTO3, AWSRetry
import traceback
@ -227,7 +227,11 @@ def create_or_update_group(connection, module):
changed = False
# Get group
try:
group = get_group(connection, module, params['GroupName'])
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
# If group is None, create it
if group is None:
@ -273,7 +277,12 @@ def create_or_update_group(connection, module):
changed = True
# Manage group memberships
try:
current_group_members = get_group(connection, module, params['GroupName'])['Users']
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
current_group_members_list = []
for member in current_group_members:
current_group_members_list.append(member['UserName'])
@ -303,7 +312,11 @@ def create_or_update_group(connection, module):
changed = True
# Get the group again
try:
group = get_group(connection, module, params['GroupName'])
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
module.exit_json(changed=changed, iam_group=camel_dict_to_snake_dict(group))
@ -313,7 +326,12 @@ def destroy_group(connection, module):
params = dict()
params['GroupName'] = module.params.get('name')
if get_group(connection, module, params['GroupName']):
try:
group = get_group(connection, module, params['GroupName'])
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
if group:
# Remove any attached policies otherwise deletion fails
try:
@ -327,7 +345,11 @@ def destroy_group(connection, module):
# Remove any users in the group otherwise deletion fails
current_group_members_list = []
try:
current_group_members = get_group(connection, module, params['GroupName'])['Users']
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(),
**camel_dict_to_snake_dict(e.response))
for member in current_group_members:
current_group_members_list.append(member['UserName'])
for user in current_group_members_list:
@ -353,29 +375,29 @@ def destroy_group(connection, module):
module.exit_json(changed=True)
@AWSRetry.exponential_backoff()
def get_group(connection, module, name):
params = dict()
params['GroupName'] = name
try:
return connection.get_group(**params)
paginator = connection.get_paginator('get_group')
return paginator.paginate(GroupName=name).build_full_result()
except ClientError as e:
if e.response['Error']['Code'] == 'NoSuchEntity':
return None
else:
module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response))
raise
@AWSRetry.exponential_backoff()
def get_attached_policy_list(connection, module, name):
try:
return connection.list_attached_group_policies(GroupName=name)['AttachedPolicies']
paginator = connection.get_paginator('list_attached_group_policies')
return paginator.paginate(GroupName=name).build_full_result()['AttachedPolicies']
except ClientError as e:
if e.response['Error']['Code'] == 'NoSuchEntity':
return None
else:
module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response))
raise
def main():

Loading…
Cancel
Save