Fixup sanity test issues related to aws_ modules (#64064)

* Add AWS_ boilier plate

* AWS_ modules: clean up missing parameter types

* Remove documentation duplicated by ec2 document fragment

* Add missing documentation for options and sub-options

* Add missing return type documentation

* Remove AWS_ sanity-check ignores

* aws_waf_info: fixup conflicting 'defaults' information about the use of waf_regional

* Wrap URLs in U()

* Add elements entries, because felixfontein asked nicely

* Apply suggestions from code review

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* Second round of review comments.
pull/64124/head
Mark Chappell 5 years ago committed by Jill R
parent a5d69f2a26
commit 0a38460176

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -19,10 +22,13 @@ options:
- The domain name of an ACM certificate to limit the search to
aliases:
- name
type: str
statuses:
description:
- Status to filter the certificate results
choices: ['PENDING_VALIDATION', 'ISSUED', 'INACTIVE', 'EXPIRED', 'VALIDATION_TIMED_OUT', 'REVOKED', 'FAILED']
type: list
elements: str
requirements:
- boto3
author:

@ -24,7 +24,7 @@ description:
this is run.
- Beware that there are very hard limits on the rate that
you can call API Gateway's REST API. You may need to patch
your boto. See https://github.com/boto/boto3/issues/876
your boto. See U(https://github.com/boto/boto3/issues/876)
and discuss with your AWS rep.
- swagger_file and swagger_text are passed directly on to AWS
transparently whilst swagger_dict is an ansible dict which is
@ -35,32 +35,40 @@ options:
api_id:
description:
- The ID of the API you want to manage.
type: str
state:
description:
- NOT IMPLEMENTED Create or delete API - currently we always create.
default: present
choices: [ 'present', 'absent' ]
type: str
swagger_file:
description:
- JSON or YAML file containing swagger definitions for API.
Exactly one of swagger_file, swagger_text or swagger_dict must
be present.
type: path
aliases: ['src', 'api_file']
swagger_text:
description:
- Swagger definitions for API in JSON or YAML as a string direct
from playbook.
type: str
swagger_dict:
description:
- Swagger definitions API ansible dictionary which will be
converted to JSON and uploaded.
type: json
stage:
description:
- The name of the stage the API should be deployed to.
type: str
deploy_desc:
description:
- Description of the deployment - recorded and visible in the
AWS console.
default: Automatic deployment by Ansible.
type: str
author:
- 'Michael De La Rue (@mikedlr)'
extends_documentation_fragment:

@ -25,16 +25,24 @@ author:
- Chen Leibovich (@chenl87)
requirements: [ json, botocore, boto3 ]
options:
state:
description: Whether a policy should be present or absent
required: yes
choices: ['absent', 'present']
type: str
policy_name:
description: The name of the scaling policy.
required: yes
type: str
service_namespace:
description: The namespace of the AWS service.
required: yes
choices: ['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb']
type: str
resource_id:
description: The identifier of the resource associated with the scalable target.
required: yes
type: str
scalable_dimension:
description: The scalable dimension associated with the scalable target.
required: yes
@ -46,26 +54,54 @@ options:
'dynamodb:table:WriteCapacityUnits',
'dynamodb:index:ReadCapacityUnits',
'dynamodb:index:WriteCapacityUnits']
type: str
policy_type:
description: The policy type.
required: yes
choices: ['StepScaling', 'TargetTrackingScaling']
type: str
step_scaling_policy_configuration:
description: A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
required: no
type: dict
target_tracking_scaling_policy_configuration:
description: A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
description:
- A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
- 'Full documentation of the suboptions can be found in the API documentation:'
- 'U(https://docs.aws.amazon.com/autoscaling/application/APIReference/API_TargetTrackingScalingPolicyConfiguration.html)'
required: no
type: dict
suboptions:
CustomizedMetricSpecification:
description: The metric to use if using a customized metric.
type: dict
DisableScaleIn:
description: Whether scaling-in should be disabled.
type: bool
PredefinedMetricSpecification:
description: The metric to use if using a predefined metric.
type: dict
ScaleInCooldown:
description: The time (in seconds) to wait after scaling-in before another scaling action can occur.
type: int
ScaleOutCooldown:
description: The time (in seconds) to wait after scaling-out before another scaling action can occur.
type: int
TargetValue:
description: The target value for the metric
type: float
minimum_tasks:
description: The minimum value to scale to in response to a scale in event.
This parameter is required if you are creating a first new policy for the specified service.
required: no
version_added: "2.6"
type: int
maximum_tasks:
description: The maximum value to scale to in response to a scale out event.
This parameter is required if you are creating a first new policy for the specified service.
required: no
version_added: "2.6"
type: int
override_task_capacity:
description: Whether or not to override values of minimum and/or maximum tasks if it's already set.
required: no

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'supported_by': 'community',
@ -25,6 +28,7 @@ options:
instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
required: false
default: {}
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -2,6 +2,9 @@
# Copyright (c) 2017 Jon Meran <jonathan.meran@sonos.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -24,94 +27,97 @@ options:
- The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores
are allowed.
required: true
type: str
type:
description:
- The type of the compute environment.
required: true
choices: ["MANAGED", "UNMANAGED"]
type: str
state:
description:
- Describes the desired state.
default: "present"
choices: ["present", "absent"]
type: str
compute_environment_state:
description:
- The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs
from a queue and can scale out automatically based on queues.
default: "ENABLED"
choices: ["ENABLED", "DISABLED"]
type: str
service_role:
description:
- The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS
services on your behalf.
required: true
type: str
compute_resource_type:
description:
- The type of compute resource.
required: true
choices: ["EC2", "SPOT"]
type: str
minv_cpus:
description:
- The minimum number of EC2 vCPUs that an environment should maintain.
required: true
type: int
maxv_cpus:
description:
- The maximum number of EC2 vCPUs that an environment can reach.
required: true
type: int
desiredv_cpus:
description:
- The desired number of EC2 vCPUS in the compute environment.
type: int
instance_types:
description:
- The instance types that may be launched.
required: true
type: list
elements: str
image_id:
description:
- The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
type: str
subnets:
description:
- The VPC subnets into which the compute resources are launched.
required: true
type: list
elements: str
security_group_ids:
description:
- The EC2 security groups that are associated with instances launched in the compute environment.
required: true
type: list
elements: str
ec2_key_pair:
description:
- The EC2 key pair that is used for instances launched in the compute environment.
type: str
instance_role:
description:
- The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
required: true
type: str
tags:
description:
- Key-value pair tags to be applied to resources that are launched in the compute environment.
type: dict
bid_percentage:
description:
- The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that
instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price
must be below 20% of the current On-Demand price for that EC2 instance.
type: int
spot_iam_fleet_role:
description:
- The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
type: str
requirements:
- boto3

@ -2,6 +2,9 @@
# Copyright (c) 2017 Jon Meran <jonathan.meran@sonos.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -22,29 +25,29 @@ options:
job_definition_arn:
description:
- The arn for the job definition
type: str
job_definition_name:
description:
- The name for the job definition
required: true
type: str
state:
description:
- Describes the desired state.
default: "present"
choices: ["present", "absent"]
type: str
type:
description:
- The type of job definition
required: true
type: str
parameters:
description:
- Default parameter substitution placeholders to set in the job definition. Parameters are specified as a
key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from
the job definition.
type: dict
image:
description:
- The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker
@ -52,29 +55,30 @@ options:
Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes,
and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker
Remote API and the IMAGE parameter of docker run.
type: str
vcpus:
description:
- The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container
section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to
1,024 CPU shares.
type: int
memory:
description:
- The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory
specified here, the container is killed. This parameter maps to Memory in the Create a container section of the
Docker Remote API and the --memory option to docker run.
type: int
command:
description:
- The command that is passed to the container. This parameter maps to Cmd in the Create a container section of
the Docker Remote API and the COMMAND parameter to docker run. For more information,
see https://docs.docker.com/engine/reference/builder/#cmd.
see U(https://docs.docker.com/engine/reference/builder/#cmd)
type: list
elements: str
job_role_arn:
description:
- The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
type: str
volumes:
description:
- A list of data volumes used in a job. List of dictionaries.
@ -95,7 +99,8 @@ options:
description:
- The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are
allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
type: list
elements: dict
environment:
description:
- The environment variables to pass to a container. This parameter maps to Env in the Create a container section
@ -107,7 +112,8 @@ options:
value:
description:
- The value of the key value pair. For environment variables, this is the value of the environment variable.
type: list
elements: dict
mount_points:
description:
- The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container
@ -123,19 +129,20 @@ options:
sourceVolume:
description:
- The name of the volume to mount.
type: list
elements: dict
readonly_root_filesystem:
description:
- When this parameter is true, the container is given read-only access to its root file system. This parameter
maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option
to docker run.
type: str
privileged:
description:
- When this parameter is true, the container is given elevated privileges on the host container instance
(similar to the root user). This parameter maps to Privileged in the Create a container section of the
Docker Remote API and the --privileged option to docker run.
type: str
ulimits:
description:
- A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section
@ -150,18 +157,19 @@ options:
softLimit:
description:
- The soft limit for the ulimit type.
type: list
elements: dict
user:
description:
- The user name to use inside the container. This parameter maps to User in the Create a container section of
the Docker Remote API and the --user option to docker run.
type: str
attempts:
description:
- Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10
attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that
many times.
type: int
requirements:
- boto3
extends_documentation_fragment:

@ -2,6 +2,9 @@
# Copyright (c) 2017 Jon Meran <jonathan.meran@sonos.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -23,19 +26,19 @@ options:
description:
- The name for the job queue
required: true
type: str
state:
description:
- Describes the desired state.
default: "present"
choices: ["present", "absent"]
type: str
job_queue_state:
description:
- The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
default: "ENABLED"
choices: ["ENABLED", "DISABLED"]
type: str
priority:
description:
- The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority
@ -43,7 +46,7 @@ options:
ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job
queue with a priority value of 10.
required: true
type: int
compute_environment_order:
description:
- The set of compute environments mapped to a job queue and their order relative to each other. The job
@ -51,7 +54,15 @@ options:
environments must be in the VALID state before you can associate them with a job queue. You can associate up to
3 compute environments with a job queue.
required: true
type: list
elements: dict
suboptions:
order:
type: int
description: The relative priority of the environment.
compute_environment:
type: str
description: The name of the compute environment.
requirements:
- boto3
extends_documentation_fragment:

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],

@ -28,10 +28,12 @@ options:
description:
- Name of the CodeBuild project
required: true
type: str
description:
description:
- Descriptive text of the CodeBuild project
required: false
type: str
source:
description:
- Configure service and location for the build input source.
@ -41,22 +43,28 @@ options:
description:
- "The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE"
required: true
type: str
location:
description:
- Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
required: false
type: str
git_clone_depth:
description:
- When using git you can specify the clone depth as an integer here.
required: false
type: int
buildspec:
description:
- The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
required: false
type: str
insecure_ssl:
description:
- Enable this flag to ignore SSL warnings while connecting to the project source code.
required: false
type: bool
type: dict
artifacts:
description:
- Information about the build output artifacts for the build project.
@ -79,7 +87,7 @@ options:
description:
- Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts
- Accepts BUILD_ID and NONE
- "See docs here: http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html#CodeBuild.Client.create_project"
- "See docs here: U(http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html#CodeBuild.Client.create_project)"
required: false
name:
description:
@ -89,6 +97,7 @@ options:
description:
- The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file
required: false
type: dict
cache:
description:
- Caching params to speed up following builds.
@ -102,6 +111,7 @@ options:
description:
- Caching location on S3.
required: true
type: dict
environment:
description:
- Information about the build environment for the build project.
@ -129,32 +139,47 @@ options:
description:
- Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
required: false
type: dict
service_role:
description:
- The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
required: false
type: str
timeout_in_minutes:
description:
- How long CodeBuild should wait until timing out any build that has not been marked as completed.
default: 60
required: false
type: int
encryption_key:
description:
- The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
required: false
type: str
tags:
description:
- A set of tags for the build project.
required: false
type: list
elements: dict
suboptions:
key:
description: The name of the Tag.
type: str
value:
description: The value of the Tag.
type: str
vpc_config:
description:
- The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
required: false
type: dict
state:
description:
- Create or remove code build project.
default: 'present'
choices: ['present', 'absent']
type: str
extends_documentation_fragment:
- aws
- ec2

@ -3,6 +3,9 @@
# Copyright: (c) 2018, Shuang Wang <ooocamel@icloud.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -27,18 +30,20 @@ options:
description:
- name of repository.
required: true
type: str
description:
description:
- description or comment of repository.
required: false
aliases:
- comment
type: str
state:
description:
- Specifies the state of repository.
required: true
choices: [ 'present', 'absent' ]
type: str
extends_documentation_fragment:
- aws
- ec2

@ -28,10 +28,12 @@ options:
description:
- Name of the pipeline
required: true
type: str
role_arn:
description:
- ARN of the IAM role to use when executing the pipeline
required: true
type: str
artifact_store:
description:
- Location information where artifacts are stored (on S3). Dictionary with fields type and location.
@ -40,9 +42,12 @@ options:
type:
description:
- Type of the artifacts storage (only 'S3' is currently supported).
type: str
location:
description:
- Bucket name for artifacts.
type: str
type: dict
stages:
description:
- List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
@ -51,18 +56,27 @@ options:
name:
description:
- Name of the stage (step) in the codepipeline
type: str
actions:
description:
- List of action configurations for that stage.
- 'See the boto3 documentation for full documentation of suboptions:'
- 'U(https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/codepipeline.html#CodePipeline.Client.create_pipeline)'
type: list
elements: dict
elements: dict
type: list
version:
description:
- Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
required: false
type: int
state:
description:
- Create or remove code pipeline
default: 'present'
choices: ['present', 'absent']
type: str
extends_documentation_fragment:
- aws
- ec2

@ -28,12 +28,15 @@ options:
- Whether the Config rule should be present or absent.
default: present
choices: ['present', 'absent']
type: str
authorized_account_id:
description:
- The 12-digit account ID of the account authorized to aggregate data.
type: str
authorized_aws_region:
description:
- The region authorized to collect aggregated data.
type: str
extends_documentation_fragment:
- aws
- ec2

@ -27,11 +27,13 @@ options:
description:
- The name of the AWS Config resource.
required: true
type: str
state:
description:
- Whether the Config rule should be present or absent.
default: present
choices: ['present', 'absent']
type: str
account_sources:
description:
- Provides a list of source accounts and regions to be aggregated.
@ -39,12 +41,19 @@ options:
account_ids:
description:
- A list of 12-digit account IDs of accounts being aggregated.
type: list
elements: str
aws_regions:
description:
- A list of source regions being aggregated.
type: list
elements: str
all_aws_regions:
description:
- If true, aggregate existing AWS Config regions and future regions.
type: bool
type: list
elements: dict
organization_source:
description:
- The region authorized to collect aggregated data.
@ -52,12 +61,17 @@ options:
role_arn:
description:
- ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
type: str
aws_regions:
description:
- The source regions being aggregated.
type: list
elements: str
all_aws_regions:
description:
- If true, aggregate existing AWS Config regions and future regions.
type: bool
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -27,24 +27,30 @@ options:
description:
- The name of the AWS Config resource.
required: true
type: str
state:
description:
- Whether the Config rule should be present or absent.
default: present
choices: ['present', 'absent']
type: str
s3_bucket:
description:
- The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
type: str
s3_prefix:
description:
- The prefix for the specified Amazon S3 bucket.
type: str
sns_topic_arn:
description:
- The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
type: str
delivery_frequency:
description:
- The frequency with which AWS Config delivers configuration snapshots.
choices: ['One_Hour', 'Three_Hours', 'Six_Hours', 'Twelve_Hours', 'TwentyFour_Hours']
type: str
extends_documentation_fragment:
- aws
- ec2

@ -27,15 +27,18 @@ options:
description:
- The name of the AWS Config resource.
required: true
type: str
state:
description:
- Whether the Config rule should be present or absent.
default: present
choices: ['present', 'absent']
type: str
role_arn:
description:
- Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
- Required when state=present
type: str
recording_group:
description:
- Specifies the types of AWS resources for which AWS Config records configuration changes.
@ -61,6 +64,7 @@ options:
- A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example,
`AWS::EC2::Instance` or `AWS::CloudTrail::Trail`).
- Before you can set this option to `true`, you must set the `all_supported` option to `false`.
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -27,14 +27,17 @@ options:
description:
- The name of the AWS Config resource.
required: true
type: str
state:
description:
- Whether the Config rule should be present or absent.
default: present
choices: ['present', 'absent']
type: str
description:
description:
- The description that you provide for the AWS Config rule.
type: str
scope:
description:
- Defines which resources can trigger an evaluation for the rule.
@ -54,6 +57,7 @@ options:
description:
- The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.
If you specify a value for `tag_value`, you must also specify a value for `tag_key`.
type: dict
source:
description:
- Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to
@ -74,13 +78,16 @@ options:
- Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
- Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
- Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
type: dict
input_parameters:
description:
- A string, in JSON format, that is passed to the AWS Config rule Lambda function.
type: str
execution_frequency:
description:
- The maximum frequency with which AWS Config runs evaluations for a rule.
choices: ['One_Hour', 'Three_Hours', 'Six_Hours', 'Twelve_Hours', 'TwentyFour_Hours']
type: str
extends_documentation_fragment:
- aws
- ec2

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -30,29 +33,35 @@ options:
choices:
- present
- absent
type: str
name:
description:
- The name of the Direct Connect connection. This is required to create a
new connection. To recreate or delete a connection I(name) or I(connection_id)
is required.
type: str
connection_id:
description:
- The ID of the Direct Connect connection. I(name) or I(connection_id) is
required to recreate or delete a connection. Modifying attributes of a
connection with I(forced_update) will result in a new Direct Connect connection ID.
type: str
location:
description:
- Where the Direct Connect connection is located. Required when I(state=present).
type: str
bandwidth:
description:
- The bandwidth of the Direct Connect connection. Required when I(state=present).
choices:
- 1Gbps
- 10Gbps
type: str
link_aggregation_group:
description:
- The ID of the link aggregation group you want to associate with the connection.
This is optional in case a stand-alone connection is desired.
type: str
forced_update:
description:
- To modify bandwidth or location the connection will need to be deleted and recreated.

@ -33,22 +33,32 @@ options:
required: false
default: present
choices: [ "present", "absent"]
type: str
name:
description:
- name of the dxgw to be created or deleted
required: false
type: str
amazon_asn:
description:
- amazon side asn
required: true
type: str
direct_connect_gateway_id:
description:
- id of an existing direct connect gateway
required: false
type: str
virtual_gateway_id:
description:
- vpn gateway id of an existing virtual gateway
required: false
type: str
wait_timeout:
description:
- How long to wait for the association to be deleted
type: int
default: 320
'''
EXAMPLES = '''
@ -78,14 +88,19 @@ result:
contains:
amazon_side_asn:
description: ASN on the amazon side.
type: str
direct_connect_gateway_id:
description: The ID of the direct connect gateway.
type: str
direct_connect_gateway_name:
description: The name of the direct connect gateway.
type: str
direct_connect_gateway_state:
description: The state of the direct connect gateway.
type: str
owner_account:
description: The AWS account ID of the owner of the direct connect gateway.
type: str
'''
import time

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -28,24 +31,31 @@ options:
choices:
- present
- absent
type: str
name:
description:
- The name of the Direct Connect link aggregation group.
type: str
link_aggregation_group_id:
description:
- The ID of the Direct Connect link aggregation group.
type: str
num_connections:
description:
- The number of connections with which to initialize the link aggregation group.
type: int
min_links:
description:
- The minimum number of physical connections that must be operational for the LAG itself to be operational.
type: int
location:
description:
- The location of the link aggregation group.
type: str
bandwidth:
description:
- The bandwidth of the link aggregation group.
type: str
force_delete:
description:
- This allows the minimum number of links to be set to 0, any hosted connections disassociated,
@ -54,6 +64,7 @@ options:
connection_id:
description:
- A connection ID to link with the link aggregation group upon creation.
type: str
delete_with_disassociation:
description:
- To be used with I(state=absent) to delete connections after disassociating them with the LAG.
@ -67,6 +78,7 @@ options:
description:
- The duration in seconds to wait if I(wait) is True.
default: 120
type: int
"""
EXAMPLES = """

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -23,10 +26,12 @@ options:
description:
- The desired state of the Direct Connect virtual interface.
choices: [present, absent]
type: str
id_to_associate:
description:
- The ID of the link aggregation group or connection to associate with the virtual interface.
aliases: [link_aggregation_group_id, connection_id]
type: str
public:
description:
- The type of virtual interface.
@ -34,35 +39,46 @@ options:
name:
description:
- The name of the virtual interface.
type: str
vlan:
description:
- The VLAN ID.
default: 100
type: int
bgp_asn:
description:
- The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
default: 65000
type: int
authentication_key:
description:
- The authentication key for BGP configuration.
type: str
amazon_address:
description:
- The amazon address CIDR with which to create the virtual interface.
type: str
customer_address:
description:
- The customer address CIDR with which to create the virtual interface.
type: str
address_type:
description:
- The type of IP address for the BGP peer.
type: str
cidr:
description:
- A list of route filter prefix CIDRs with which to create the public virtual interface.
type: list
elements: str
virtual_gateway_id:
description:
- The virtual gateway ID required for creating a private virtual interface.
type: str
virtual_interface_id:
description:
- The virtual interface ID.
type: str
extends_documentation_fragment:
- aws
- ec2

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
@ -22,32 +25,40 @@ options:
name:
description: Name of EKS cluster
required: True
type: str
version:
description: Kubernetes version - defaults to latest
type: str
role_arn:
description: ARN of IAM role used by the EKS cluster
type: str
subnets:
description: list of subnet IDs for the Kubernetes cluster
type: list
elements: str
security_groups:
description: list of security group names or IDs
type: list
elements: str
state:
description: desired state of the EKS cluster
choices:
- absent
- present
default: present
type: str
wait:
description: >-
Specifies whether the module waits until the cluster is active or deleted
before moving on. It takes "usually less than 10 minutes" per AWS documentation.
type: bool
default: 'no'
default: false
wait_timeout:
description: >-
The duration in seconds to wait for the cluster to become active. Defaults
to 1200 seconds (20 minutes).
default: 1200
type: int
requirements: [ 'botocore', 'boto3' ]
extends_documentation_fragment:

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
@ -23,14 +26,17 @@ options:
description:
- name of the beanstalk application you wish to manage
aliases: [ 'name' ]
type: str
description:
description:
- the description of the application
type: str
state:
description:
- whether to ensure the application is present or absent
default: present
choices: ['absent','present']
type: str
terminate_by_force:
description:
- when set to true, running environments will be terminated before deleting the application

@ -1,8 +1,10 @@
#!/usr/bin/python
# Copyright: (c) 2018, Rob White (@wimnat)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -22,41 +24,52 @@ options:
- The ID of the Data Catalog in which to create the connection. If none is supplied,
the AWS account ID is used by default.
required: false
type: str
connection_properties:
description:
- A dict of key-value pairs used as parameters for this connection.
required: true
type: dict
connection_type:
description:
- The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
required: false
default: JDBC
choices: [ 'JDBC', 'SFTP' ]
type: str
description:
description:
- The description of the connection.
required: false
type: str
match_criteria:
description:
- A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
required: false
type: list
elements: str
name:
description:
- The name of the connection.
required: true
type: str
security_groups:
description:
- A list of security groups to be used by the connection. Use either security group name or ID.
required: false
type: list
elements: str
state:
description:
- Create or delete the AWS Glue connection.
required: true
choices: [ 'present', 'absent' ]
type: str
subnet_id:
description:
- The subnet ID used by the connection.
required: false
type: str
extends_documentation_fragment:
- aws
- ec2

@ -1,8 +1,10 @@
#!/usr/bin/python
# Copyright: (c) 2018, Rob White (@wimnat)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -23,54 +25,67 @@ options:
can be allocated; the default is 10. A DPU is a relative measure of processing power that consists
of 4 vCPUs of compute capacity and 16 GB of memory.
required: false
type: int
command_name:
description:
- The name of the job command. This must be 'glueetl'.
required: false
default: glueetl
type: str
command_script_location:
description:
- The S3 path to a script that executes a job.
required: true
type: str
connections:
description:
- A list of Glue connections used for this job.
required: false
type: list
elements: str
default_arguments:
description:
- A dict of default arguments for this job. You can specify arguments here that your own job-execution
script consumes, as well as arguments that AWS Glue itself consumes.
required: false
type: dict
description:
description:
- Description of the job being defined.
required: false
type: str
max_concurrent_runs:
description:
- The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when
this threshold is reached. The maximum value you can specify is controlled by a service limit.
required: false
type: int
max_retries:
description:
- The maximum number of times to retry this job if it fails.
required: false
type: int
name:
description:
- The name you assign to this job definition. It must be unique in your account.
required: true
type: str
role:
description:
- The name or ARN of the IAM role associated with this job.
required: true
type: str
state:
description:
- Create or delete the AWS Glue job.
required: true
choices: [ 'present', 'absent' ]
type: str
timeout:
description:
- The job timeout in minutes.
required: false
type: int
extends_documentation_fragment:
- aws
- ec2

@ -2,6 +2,9 @@
# Copyright (c) 2018 Dennis Conrad for Sainsbury's
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -21,6 +24,7 @@ options:
- The user-defined name that identifies the assessment target. The name
must be unique within the AWS account.
required: true
type: str
state:
description:
- The state of the assessment target.
@ -28,10 +32,12 @@ options:
- absent
- present
default: present
type: str
tags:
description:
- Tags of the EC2 instances to be added to the assessment target.
- Required if C(state=present).
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -1,8 +1,10 @@
#!/usr/bin/python
# -*- coding: utf-8 -*
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -27,12 +29,14 @@ options:
required: false
aliases:
- key_alias
type: str
key_id:
description:
- Key ID or ARN of the key. One of C(alias) or C(key_id) are required.
required: false
aliases:
- key_arn
type: str
policy_mode:
description:
- (deprecated) Grant or deny access.
@ -43,6 +47,7 @@ options:
choices: [ grant, deny ]
aliases:
- mode
type: str
policy_role_name:
description:
- (deprecated) Role to allow/deny access. One of C(policy_role_name) or C(policy_role_arn) are required.
@ -52,12 +57,14 @@ options:
required: false
aliases:
- role_name
type: str
policy_role_arn:
description:
- (deprecated) ARN of role to allow/deny access. One of C(policy_role_name) or C(policy_role_arn) are required.
- Used for modifying the Key Policy rather than modifying a grant and only
works on the default policy created through the AWS Console.
- This option has been deprecated, and will be removed in 2.13. Use I(policy) instead.
type: str
required: false
aliases:
- role_arn
@ -70,6 +77,8 @@ options:
required: false
aliases:
- grant_types
type: list
elements: str
policy_clean_invalid_entries:
description:
- (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
@ -91,6 +100,7 @@ options:
- absent
default: present
version_added: 2.8
type: str
enabled:
description: Whether or not a key is enabled
default: True
@ -101,9 +111,11 @@ options:
A description of the CMK. Use a description that helps you decide
whether the CMK is appropriate for a task.
version_added: 2.8
type: str
tags:
description: A dictionary of tags to apply to a key.
version_added: 2.8
type: dict
purge_tags:
description: Whether the I(tags) argument should cause tags not in the list to
be removed
@ -121,18 +133,39 @@ options:
- A list of grants to apply to the key. Each item must contain I(grantee_principal).
Each item can optionally contain I(retiring_principal), I(operations), I(constraints),
I(name).
- Valid operations are C(Decrypt), C(Encrypt), C(GenerateDataKey), C(GenerateDataKeyWithoutPlaintext),
C(ReEncryptFrom), C(ReEncryptTo), C(CreateGrant), C(RetireGrant), C(DescribeKey), C(Verify) and
C(Sign)
- Constraints is a dict containing C(encryption_context_subset) or C(encryption_context_equals),
either or both being a dict specifying an encryption context match.
See U(https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html)
- I(grantee_principal) and I(retiring_principal) must be ARNs
- 'For full documentation of suboptions see the boto3 documentation:'
- 'U(https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant)'
version_added: 2.8
type: list
elements: dict
suboptions:
grantee_principal:
description: The full ARN of the principal being granted permissions.
required: true
type: str
retiring_principal:
description: The full ARN of the principal permitted to revoke/retire the grant.
type: str
operations:
type: list
elements: str
description:
- A list of operations that the grantee may perform using the CMK.
choices: ['Decrypt', 'Encrypt', 'GenerateDataKey', 'GenerateDataKeyWithoutPlaintext', 'ReEncryptFrom', 'ReEncryptTo',
'CreateGrant', 'RetireGrant', 'DescribeKey', 'Verify', 'Sign']
constraints:
description:
- Constraints is a dict containing C(encryption_context_subset) or C(encryption_context_equals),
either or both being a dict specifying an encryption context match.
See U(https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html) or
U(https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant)
type: dict
policy:
description:
- policy to apply to the KMS key
- See U(https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)
type: str
version_added: 2.8
author:
- Ted Timmons (@tedder)

@ -1,17 +1,9 @@
#!/usr/bin/python
#
# This is a free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This Ansible library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this library. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
@ -34,6 +26,7 @@ options:
The filters aren't natively supported by boto3, but are supported to provide similar
functionality to other modules. Standard tag filters (C(tag-key), C(tag-value) and
C(tag:tagName)) are available, as are C(key-id) and C(alias)
type: dict
pending_deletion:
description: Whether to get full details (tags, grants etc.) of keys pending deletion
default: False

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'supported_by': 'community',
@ -24,6 +27,7 @@ options:
possible filters. Filter names and values are case sensitive. You can also use underscores
instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
default: {}
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -1,18 +1,9 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
@ -31,22 +22,16 @@ notes:
- In 2.4, this module has been renamed from C(s3) into M(aws_s3).
version_added: "1.1"
options:
aws_access_key:
description:
- AWS access key id. If not set then the value of the AWS_ACCESS_KEY environment variable is used.
aliases: [ 'ec2_access_key', 'access_key' ]
aws_secret_key:
description:
- AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.
aliases: ['ec2_secret_key', 'secret_key']
bucket:
description:
- Bucket name.
required: true
type: str
dest:
description:
- The destination file path when downloading an object/key with a GET operation.
version_added: "1.3"
type: path
encrypt:
description:
- When set for PUT mode, asks for server-side encryption.
@ -61,27 +46,34 @@ options:
- AES256
- aws:kms
version_added: "2.7"
expiration:
type: str
expiry:
description:
- Time limit (in seconds) for the URL generated and returned by S3/Walrus when performing a mode=put or mode=geturl operation.
default: 600
aliases: ['expiration']
type: int
headers:
description:
- Custom headers for PUT operation, as a dictionary of 'key=value' and 'key=value,key=value'.
version_added: "2.0"
type: dict
marker:
description:
- Specifies the key to start with when using list mode. Object keys are returned in alphabetical order, starting with key after the marker in order.
version_added: "2.0"
type: str
max_keys:
description:
- Max number of results to return in list mode, set this if you want to retrieve fewer than the default 1000 keys.
default: 1000
version_added: "2.0"
type: int
metadata:
description:
- Metadata for PUT operation, as a dictionary of 'key=value' and 'key=value,key=value'.
version_added: "1.6"
type: dict
mode:
description:
- Switches the module behaviour between put (upload), get (download), geturl (return download url, Ansible 1.3+),
@ -89,26 +81,32 @@ options:
and delobj (delete object, Ansible 2.0+).
required: true
choices: ['get', 'put', 'delete', 'create', 'geturl', 'getstr', 'delobj', 'list']
type: str
object:
description:
- Keyname of the object inside the bucket. Can be used to create "virtual directories", see examples.
type: str
permission:
description:
- This option lets the user set the canned permissions on the object/bucket that are created.
The permissions that can be set are 'private', 'public-read', 'public-read-write', 'authenticated-read' for a bucket or
'private', 'public-read', 'public-read-write', 'aws-exec-read', 'authenticated-read', 'bucket-owner-read',
'bucket-owner-full-control' for an object. Multiple permissions can be specified as a list.
default: private
default: ['private']
version_added: "2.0"
type: list
elements: str
prefix:
description:
- Limits the response to keys that begin with the specified prefix for list mode
default: ""
version_added: "2.0"
type: str
version:
description:
- Version ID of the object inside the bucket. Can be used to get a specific version of a file if versioning is enabled in the target bucket.
version_added: "2.0"
type: str
overwrite:
description:
- Force overwrite either locally on the filesystem or remotely with the object/key. Used with PUT and GET operations.
@ -119,21 +117,19 @@ options:
default: 'always'
aliases: ['force']
version_added: "1.2"
region:
description:
- "AWS region to create the bucket in. If not set then the value of the AWS_REGION and EC2_REGION environment variables
are checked, followed by the aws_region and ec2_region settings in the Boto config file. If none of those are set the
region defaults to the S3 Location: US Standard. Prior to ansible 1.8 this parameter could be specified but had no effect."
version_added: "1.8"
type: str
retries:
description:
- On recoverable failure, how many times to retry before actually failing.
default: 0
version_added: "2.0"
type: int
aliases: ['retry']
s3_url:
description:
- S3 URL endpoint for usage with Ceph, Eucalyptus and fakes3 etc. Otherwise assumes AWS.
aliases: [ S3_URL ]
type: str
dualstack:
description:
- Enables Amazon S3 Dual-Stack Endpoints, allowing S3 communications using both IPv4 and IPv6.
@ -151,6 +147,7 @@ options:
description:
- The source file path when performing a PUT operation.
version_added: "1.3"
type: str
ignore_nonexistent_bucket:
description:
- "Overrides initial bucket lookups in case bucket or iam policies are restrictive. Example: a user may have the
@ -162,7 +159,7 @@ options:
description:
- KMS key id to use when encrypting objects using C(aws:kms) encryption. Ignored if encryption is not C(aws:kms)
version_added: "2.7"
type: str
requirements: [ "boto3", "botocore" ]
author:
- "Lester Wade (@lwade)"

@ -25,43 +25,53 @@ options:
description:
- Friendly name for the secret you are creating.
required: true
type: str
state:
description:
- Whether the secret should be exist or not.
default: 'present'
choices: ['present', 'absent']
type: str
recovery_window:
description:
- Only used if state is absent.
- Specifies the number of days that Secrets Manager waits before it can delete the secret.
- If set to 0, the deletion is forced without recovery.
default: 30
type: int
description:
description:
- Specifies a user-provided description of the secret.
type: str
kms_key_id:
description:
- Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be
used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
type: str
secret_type:
description:
- Specifies the type of data that you want to encrypt.
choices: ['binary', 'string']
default: 'string'
type: str
secret:
description:
- Specifies string or binary data that you want to encrypt and store in the new version of the secret.
default: ""
type: str
tags:
description:
- Specifies a list of user-defined tags that are attached to the secret.
type: dict
rotation_lambda:
description:
- Specifies the ARN of the Lambda function that can rotate the secret.
type: str
rotation_interval:
description:
- Specifies the number of days between automatic scheduled rotations of the secret.
default: 30
type: int
extends_documentation_fragment:
- ec2
- aws

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
@ -25,10 +28,12 @@ options:
- This is the email address or domain to verify / delete.
- If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
required: true
type: str
state:
description: Whether to create(or update) or delete the identity.
default: present
choices: [ 'present', 'absent' ]
type: str
bounce_notifications:
description:
- Setup the SNS topic used to report bounce notifications.
@ -45,6 +50,7 @@ options:
- If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic.
type: bool
default: No
type: dict
complaint_notifications:
description:
- Setup the SNS topic used to report complaint notifications.
@ -61,6 +67,7 @@ options:
- If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic.
type: bool
default: No
type: dict
delivery_notifications:
description:
- Setup the SNS topic used to report delivery notifications.
@ -76,6 +83,7 @@ options:
- If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic.
type: bool
default: No
type: dict
feedback_forwarding:
description:
- Whether or not to enable feedback forwarding.

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
@ -25,15 +28,19 @@ options:
The SES identity to attach or remove a policy from. This can be either the full ARN or just
the verified email or domain.
required: true
type: str
policy_name:
description: The name used to identify the policy within the scope of the identity it's attached to.
required: true
type: str
policy:
description: A properly formatted JSON sending authorization policy. Required when I(state=present).
type: json
state:
description: Whether to create(or update) or delete the authorization policy on the identity.
default: present
choices: [ 'present', 'absent' ]
type: str
requirements: [ 'botocore', 'boto3' ]
extends_documentation_fragment:
- aws

@ -2,6 +2,8 @@
# Copyright (c) 2017, Ben Tomasik <ben@tomasik.io>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
@ -24,12 +26,14 @@ options:
description:
- The name of the receipt rule set.
required: True
type: str
state:
description:
- Whether to create (or update) or destroy the receipt rule set.
required: False
default: present
choices: ["absent", "present"]
type: str
active:
description:
- Whether or not this rule set should be the active rule set. Only has an impact if I(state) is C(present).

@ -1,10 +1,12 @@
#!/usr/bin/python
# Copyright: (c) 2018, Loic BLOT (@nerzhul) <loic.blot@unix-experience.fr>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# This module is sponsored by E.T.A.I. (www.etai.fr)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}

@ -2,6 +2,9 @@
# Copyright: (c) 2017, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -18,14 +21,17 @@ options:
description:
- parameter key name.
required: true
type: str
description:
description:
- parameter key description.
required: false
type: str
value:
description:
- Parameter value.
required: false
type: str
state:
description:
- Creates or modifies an existing parameter
@ -33,40 +39,43 @@ options:
required: false
choices: ['present', 'absent']
default: present
type: str
string_type:
description:
- Parameter String type
required: false
choices: ['String', 'StringList', 'SecureString']
default: String
type: str
decryption:
description:
- Work with SecureString type to get plain text secrets
type: bool
required: false
default: True
default: true
key_id:
description:
- aws KMS key to decrypt the secrets.
- AWS KMS key to decrypt the secrets.
- The default key (C(alias/aws/ssm)) is automatically generated the first
time it's requested.
required: false
default: aws/ssm (this key is automatically generated at the first parameter created).
default: alias/aws/ssm
type: str
overwrite_value:
description:
- Option to overwrite an existing value if it already exists.
- String
required: false
version_added: "2.6"
choices: ['never', 'changed', 'always']
default: changed
region:
description:
- region.
required: false
type: str
author:
- Nathan Webster (@nathanwebsterdotme)
- Bill Wang (@ozbillwang) <ozbillwang@gmail.com>
- Michael De La Rue (@mikedlr)
extends_documentation_fragment: aws
extends_documentation_fragment:
- aws
- ec2
requirements: [ botocore, boto3 ]
'''
@ -231,7 +240,6 @@ def setup_module_object():
decryption=dict(default=True, type='bool'),
key_id=dict(default="alias/aws/ssm"),
overwrite_value=dict(default='changed', choices=['never', 'changed', 'always']),
region=dict(required=False),
)
return AnsibleAWSModule(

@ -3,6 +3,9 @@
# Copyright (c) 2015 Mike Mochan
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -25,6 +28,7 @@ options:
name:
description: Name of the Web Application Firewall condition to manage.
required: yes
type: str
type:
description: the type of matching to perform.
choices:
@ -35,6 +39,7 @@ options:
- size
- sql
- xss
type: str
filters:
description:
- A list of the filters against which to match.
@ -52,6 +57,8 @@ options:
- I(comparison) can be one of C(EQ), C(NE), C(LE), C(LT), C(GE), C(GT).
- I(target_string) is a maximum of 50 bytes.
- I(regex_pattern) is a dict with a C(name) key and C(regex_strings) list of strings to match.
type: list
elements: dict
purge_filters:
description:
- Whether to remove existing filters from a condition if not passed in I(filters).
@ -69,6 +76,7 @@ options:
- present
- absent
default: present
type: str
'''

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -18,12 +21,13 @@ options:
name:
description:
- The name of a Web Application Firewall
type: str
waf_regional:
description: Whether to use waf_regional module. Defaults to true
default: false
required: no
type: bool
version_added: "2.9"
description: Whether to use waf_regional module.
default: false
required: no
type: bool
version_added: "2.9"
author:
- Mike Mochan (@mmochan)

@ -3,6 +3,9 @@
# Copyright (c) 2015 Mike Mochan
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -25,25 +28,41 @@ options:
name:
description: Name of the Web Application Firewall rule
required: yes
type: str
metric_name:
description:
- A friendly name or description for the metrics for the rule
- The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
- You can't change metric_name after you create the rule
- Defaults to the same as name with disallowed characters removed
type: str
state:
description: whether the rule should be present or absent
choices:
- present
- absent
default: present
type: str
conditions:
description: >
list of conditions used in the rule. Each condition should
contain I(type): which is one of [C(byte), C(geo), C(ip), C(size), C(sql) or C(xss)]
I(negated): whether the condition should be negated, and C(condition),
the name of the existing condition. M(aws_waf_condition) can be used to
list of conditions used in the rule. M(aws_waf_condition) can be used to
create new conditions
type: list
elements: dict
suboptions:
type:
required: true
type: str
choices: ['byte','geo','ip','size','sql','xss']
description: The type of rule to match.
negated:
required: true
type: bool
description: Whether the condition should be negated.
condition:
required: true
type: str
description: The name of the condition. The condition must already exist.
purge_conditions:
description:
- Whether or not to remove conditions that are not passed when updating `conditions`.

@ -2,6 +2,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -24,6 +27,7 @@ options:
name:
description: Name of the Web Application Firewall ACL to manage
required: yes
type: str
default_action:
description: The action that you want AWS WAF to take when a request doesn't
match the criteria specified in any of the Rule objects that are associated with the WebACL
@ -31,24 +35,45 @@ options:
- block
- allow
- count
type: str
state:
description: whether the Web ACL should be present or absent
choices:
- present
- absent
default: present
type: str
metric_name:
description:
- A friendly name or description for the metrics for this WebACL
- The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
- You can't change metric_name after you create the WebACL
- Metric name will default to I(name) with disallowed characters stripped out
type: str
rules:
description:
- A list of rules that the Web ACL will enforce.
- Each rule must contain I(name), I(action), I(priority) keys.
- Priorities must be unique, but not necessarily consecutive. Lower numbered priorities are evaluated first.
- The I(type) key can be passed as C(rate_based), it defaults to C(regular)
type: list
elements: dict
suboptions:
name:
description: Name of the rule.
type: str
required: true
action:
description: The action to perform
type: str
required: true
priority:
description: The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
type: int
required: true
type:
description: The type of rule
choices:
- rate_based
- regular
type: str
purge_rules:
description:
- Whether to remove rules that aren't passed with C(rules).

@ -489,129 +489,6 @@ lib/ansible/modules/cloud/alicloud/ali_instance.py validate-modules:parameter-ty
lib/ansible/modules/cloud/alicloud/ali_instance.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/alicloud/ali_instance_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/alicloud/ali_instance_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_acm_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_acm_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_acm_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_acm_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_api_gateway.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/aws_api_gateway.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_application_scaling_policy.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/aws_application_scaling_policy.py validate-modules:doc-choices-do-not-match-spec
lib/ansible/modules/cloud/amazon/aws_application_scaling_policy.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_application_scaling_policy.py validate-modules:missing-suboption-docs
lib/ansible/modules/cloud/amazon/aws_az_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_az_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_az_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_batch_compute_environment.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_compute_environment.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_compute_environment.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_batch_compute_environment.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_batch_job_definition.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_job_definition.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_job_definition.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_batch_job_definition.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_batch_job_queue.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_job_queue.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_batch_job_queue.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_batch_job_queue.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_caller_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_caller_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_codebuild.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_codebuild.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_codecommit.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_codecommit.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_codecommit.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_codepipeline.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_codepipeline.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_config_aggregation_authorization.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_config_aggregator.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_config_delivery_channel.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_config_recorder.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_config_rule.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_direct_connect_connection.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_connection.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_connection.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_direct_connect_gateway.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/aws_direct_connect_gateway.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/aws_direct_connect_gateway.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_direct_connect_gateway.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_direct_connect_gateway.py validate-modules:return-syntax-error
lib/ansible/modules/cloud/amazon/aws_direct_connect_link_aggregation_group.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_link_aggregation_group.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_link_aggregation_group.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_direct_connect_link_aggregation_group.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_direct_connect_virtual_interface.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_virtual_interface.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_direct_connect_virtual_interface.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_direct_connect_virtual_interface.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_eks_cluster.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_eks_cluster.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_eks_cluster.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_eks_cluster.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_elasticbeanstalk_app.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_elasticbeanstalk_app.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_elasticbeanstalk_app.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_elasticbeanstalk_app.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_glue_connection.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_glue_connection.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_glue_connection.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_glue_job.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_glue_job.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_glue_job.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_inspector_target.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_inspector_target.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_inspector_target.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_inspector_target.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_kms.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_kms.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_kms.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_kms.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_kms_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_kms_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_kms_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_region_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_region_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_region_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_s3.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_s3.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_s3.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/aws_s3.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/aws_s3.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_s3.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_secret.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_secret.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_ses_identity.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_identity.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_identity.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_ses_identity.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_ses_identity_policy.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_identity_policy.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_identity_policy.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_ses_identity_policy.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_ses_rule_set.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_rule_set.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_ses_rule_set.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_sgw_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_sgw_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_ssm_parameter_store.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_ssm_parameter_store.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_ssm_parameter_store.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/aws_ssm_parameter_store.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_waf_condition.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_condition.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_condition.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_waf_condition.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_waf_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_waf_rule.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_rule.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_rule.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_waf_rule.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/aws_waf_web_acl.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_web_acl.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/aws_waf_web_acl.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/aws_waf_web_acl.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/cloudformation.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/cloudformation.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/cloudformation.py validate-modules:doc-missing-type

Loading…
Cancel
Save