Amazon related Sanity test fixups (remaining batch 2) (#64358)

* Remove sanity/ignore.txt entries

* replace use of "_" as a variable name

* Cleanup boilerplate

* Remove default values from mandatory parameters

* Sanity test documentation updates

* Remove unused imports from iam_role
pull/60365/head
Mark Chappell 5 years ago committed by John R Barker
parent 9686808326
commit 8528fbc790

@ -1,18 +1,9 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['deprecated'],
@ -41,13 +32,16 @@ options:
required: true
choices: [ "aliases", "all", "config", "mappings", "policy", "versions" ]
default: "all"
type: str
function_name:
description:
- The name of the lambda function for which facts are requested.
aliases: [ "function", "name"]
type: str
event_source_arn:
description:
- For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
type: str
author: Pierre Jodouin (@pjodouin)
requirements:
- boto3

@ -1,18 +1,9 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
@ -44,43 +35,46 @@ options:
- The name of the function to be invoked. This can only be used for
invocations within the calling account. To invoke a function in another
account, use I(function_arn) to specify the full ARN.
type: str
function_arn:
description:
- The name of the function to be invoked
type: str
tail_log:
description:
- If C(tail_log=yes), the result of the task will include the last 4 KB
- If I(tail_log=yes), the result of the task will include the last 4 KB
of the CloudWatch log for the function execution. Log tailing only
works if you use synchronous invocation C(wait=yes). This is usually
works if you use synchronous invocation I(wait=yes). This is usually
used for development or testing Lambdas.
type: bool
default: 'no'
default: false
wait:
description:
- Whether to wait for the function results or not. If I(wait) is C(no),
- Whether to wait for the function results or not. If I(wait=no)
the task will not return any results. To wait for the Lambda function
to complete, set C(wait=yes) and the result will be available in the
to complete, set I(wait=yes) and the result will be available in the
I(output) key.
type: bool
default: 'yes'
default: true
dry_run:
description:
- Do not *actually* invoke the function. A C(DryRun) call will check that
the caller has permissions to call the function, especially for
checking cross-account permissions.
type: bool
default: 'no'
default: false
version_qualifier:
description:
- Which version/alias of the function to run. This defaults to the
C(LATEST) revision, but can be set to any existing version or alias.
See U(https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html)
for details.
default: LATEST
type: str
payload:
description:
- A dictionary in any form to be provided as input to the Lambda function.
default: {}
type: dict
'''
EXAMPLES = '''

@ -1,65 +1,68 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
'supported_by': 'community'}
DOCUMENTATION = '''
---
module: iam_policy
short_description: Manage IAM policies for users, groups, and roles
short_description: Manage inline IAM policies for users, groups, and roles
description:
- Allows uploading or removing IAM policies for IAM users, groups or roles.
- Allows uploading or removing inline IAM policies for IAM users, groups or roles.
- To administer managed policies please see M(iam_user), M(iam_role),
M(iam_group) and M(iam_managed_policy)
version_added: "2.0"
options:
iam_type:
description:
- Type of IAM resource
- Type of IAM resource.
required: true
choices: [ "user", "group", "role"]
type: str
iam_name:
description:
- Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
required: true
type: str
policy_name:
description:
- The name label for the policy to create or remove.
required: true
type: str
policy_document:
description:
- The path to the properly json formatted policy file (mutually exclusive with C(policy_json))
- The path to the properly json formatted policy file.
- Mutually exclusive with I(policy_json).
type: str
policy_json:
description:
- A properly json formatted policy as string (mutually exclusive with C(policy_document),
see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly)
- A properly json formatted policy as string.
- Mutually exclusive with I(policy_document).
- See U(https://github.com/ansible/ansible/issues/7005#issuecomment-42894813) on how to use it properly.
type: json
state:
description:
- Whether to create or delete the IAM policy.
required: true
choices: [ "present", "absent"]
default: present
type: str
skip_duplicates:
description:
- By default the module looks for any policies that match the document you pass in, if there is a match it will not make a new policy object with
the same rules. You can override this by specifying false which would allow for two policy objects with different names but same rules.
default: "/"
default: True
type: bool
notes:
- 'Currently boto does not support the removal of Managed Policies, the module will not work removing/adding managed policies.'
author: "Jonathan I. Davila (@defionscode)"
author:
- Jonathan I. Davila (@defionscode)
extends_documentation_fragment:
- aws
- ec2
@ -268,12 +271,10 @@ def group_action(module, iam, name, policy_name, skip, pdoc, state):
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
iam_type=dict(
default=None, required=True, choices=['user', 'group', 'role']),
state=dict(
default=None, required=True, choices=['present', 'absent']),
iam_type=dict(required=True, choices=['user', 'group', 'role']),
state=dict(default='present', choices=['present', 'absent']),
iam_name=dict(default=None, required=False),
policy_name=dict(default=None, required=True),
policy_name=dict(required=True),
policy_document=dict(default=None, required=False),
policy_json=dict(type='json', default=None, required=False),
skip_duplicates=dict(type='bool', default=True, required=False)

@ -1,22 +1,11 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
'supported_by': 'community'}

@ -1,6 +1,9 @@
#!/usr/bin/python
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
@ -19,14 +22,17 @@ options:
description:
- The path to the role. For more information about paths, see U(https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html).
default: "/"
type: str
name:
description:
- The name of the role to create.
required: true
type: str
description:
description:
- Provide a description of the new role
version_added: "2.5"
type: str
boundary:
description:
- Add the ARN of an IAM managed policy to restrict the permissions this role can pass on to IAM roles/users that it creates.
@ -35,45 +41,50 @@ options:
- For more information on boundaries, see U(https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
aliases: [boundary_policy_arn]
version_added: "2.7"
type: str
assume_role_policy_document:
description:
- The trust relationship policy document that grants an entity permission to assume the role.
- "This parameter is required when C(state=present)."
type: json
managed_policy:
description:
- A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
To embed an inline policy, use M(iam_policy). To remove existing policies, use an empty list item.
aliases: [ managed_policies ]
type: list
max_session_duration:
description:
- The maximum duration (in seconds) of a session when assuming the role.
- Valid values are between 1 and 12 hours (3600 and 43200 seconds).
version_added: "2.10"
type: int
purge_policies:
description:
- Detaches any managed policies not listed in the "managed_policy" option. Set to false if you want to attach policies elsewhere.
type: bool
default: true
version_added: "2.5"
type: bool
state:
description:
- Create or remove the IAM role
default: present
choices: [ present, absent ]
type: str
create_instance_profile:
description:
- Creates an IAM instance profile along with the role
type: bool
default: true
version_added: "2.5"
type: bool
delete_instance_profile:
description:
- When deleting a role will also delete the instance profile created with
the same name as the role
- Only applies when C(state=absent)
type: bool
default: false
version_added: "2.10"
type: bool
requirements: [ botocore, boto3 ]
extends_documentation_fragment:
- aws
@ -169,14 +180,12 @@ iam_role:
]
'''
from ansible.module_utils._text import to_native
import json
from ansible.module_utils.aws.core import AnsibleAWSModule
from ansible.module_utils.ec2 import camel_dict_to_snake_dict, ec2_argument_spec, get_aws_connection_info, boto3_conn, compare_policies
from ansible.module_utils.ec2 import AWSRetry
import json
import traceback
try:
from botocore.exceptions import ClientError, BotoCoreError
except ImportError:

@ -25,14 +25,16 @@ author:
options:
name:
description:
- Name of a role to search for
- Mutually exclusive with C(prefix)
- Name of a role to search for.
- Mutually exclusive with I(path_prefix).
aliases:
- role_name
type: str
path_prefix:
description:
- Prefix of role I(path) to restrict IAM role search for
- Mutually exclusive with C(name)
- Prefix of role C(path) to restrict IAM role search for.
- Mutually exclusive with I(name).
type: str
extends_documentation_fragment:
- aws
- ec2

@ -26,22 +26,28 @@ author: Allen Sanabria (@linuxdynasty)
options:
name:
description:
- "The name of the Kinesis Stream you are managing."
- The name of the Kinesis Stream you are managing.
required: true
type: str
shards:
description:
- "The number of shards you want to have with this stream."
- "This is required when state == present"
- The number of shards you want to have with this stream.
- This is required when I(state=present)
type: int
retention_period:
description:
- "The default retention period is 24 hours and can not be less than 24
hours."
- "The retention period can be modified during any point in time."
- The length of time (in hours) data records are accessible after they are added to
the stream.
- The default retention period is 24 hours and can not be less than 24 hours.
- The maximum retention period is 168 hours.
- The retention period can be modified during any point in time.
type: int
state:
description:
- "Create or Delete the Kinesis Stream."
- Create or Delete the Kinesis Stream.
default: present
choices: [ 'present', 'absent' ]
type: str
wait:
description:
- Wait for operation to complete before returning.
@ -51,24 +57,30 @@ options:
description:
- How many seconds to wait for an operation to complete before timing out.
default: 300
type: int
tags:
description:
- "A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }."
- "A dictionary of resource tags of the form: C({ tag1: value1, tag2: value2 })."
aliases: [ "resource_tags" ]
type: dict
encryption_state:
description:
- "Enable or Disable encryption on the Kinesis Stream."
- Enable or Disable encryption on the Kinesis Stream.
choices: [ 'enabled', 'disabled' ]
version_added: "2.5"
type: str
encryption_type:
description:
- "The type of encryption."
default: KMS
- The type of encryption.
- Defaults to C(KMS)
choices: ['KMS', 'NONE']
version_added: "2.5"
type: str
key_id:
description:
- "The GUID or alias for the KMS key."
- The GUID or alias for the KMS key.
version_added: "2.5"
type: str
extends_documentation_fragment:
- aws
- ec2
@ -964,11 +976,11 @@ def update(client, current_stream, stream_name, number_of_shards=1, retention_pe
return success, changed, err_msg
if tags:
_, _, err_msg = (
tag_success, tag_changed, err_msg = (
update_tags(client, stream_name, tags, check_mode=check_mode)
)
if wait:
success, err_msg, _ = (
success, err_msg, status_stream = (
wait_for_status(
client, stream_name, 'ACTIVE', wait_timeout,
check_mode=check_mode
@ -1102,10 +1114,10 @@ def create_stream(client, stream_name, number_of_shards=1, retention_period=None
changed = True
if success:
_, _, results = (
stream_found, stream_msg, results = (
find_stream(client, stream_name, check_mode=check_mode)
)
_, _, current_tags = (
tag_success, tag_msg, current_tags = (
get_tags(client, stream_name, check_mode=check_mode)
)
if current_tags and not check_mode:
@ -1323,7 +1335,7 @@ def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
name=dict(default=None, required=True),
name=dict(required=True),
shards=dict(default=None, required=False, type='int'),
retention_period=dict(default=None, required=False, type='int'),
tags=dict(default=None, required=False, type='dict', aliases=['resource_tags']),

@ -1,18 +1,9 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
@ -33,79 +24,99 @@ options:
description:
- The name you want to assign to the function you are uploading. Cannot be changed.
required: true
type: str
state:
description:
- Create or delete Lambda function.
default: present
choices: [ 'present', 'absent' ]
type: str
runtime:
description:
- The runtime environment for the Lambda function you are uploading.
- Required when creating a function. Uses parameters as described in boto3 docs.
- Required when C(state=present).
- Required when I(state=present).
- For supported list of runtimes, see U(https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).
type: str
role:
description:
- The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS)
resources. You may use the bare ARN if the role belongs to the same AWS account.
- Required when C(state=present).
- Required when I(state=present).
type: str
handler:
description:
- The function within your code that Lambda calls to begin execution.
type: str
zip_file:
description:
- A .zip file containing your deployment package
- If C(state=present) then either zip_file or s3_bucket must be present.
- If I(state=present) then either I(zip_file) or I(s3_bucket) must be present.
aliases: [ 'src' ]
type: str
s3_bucket:
description:
- Amazon S3 bucket name where the .zip file containing your deployment package is stored.
- If C(state=present) then either zip_file or s3_bucket must be present.
- C(s3_bucket) and C(s3_key) are required together.
- If I(state=present) then either I(zip_file) or I(s3_bucket) must be present.
- I(s3_bucket) and I(s3_key) are required together.
type: str
s3_key:
description:
- The Amazon S3 object (the deployment package) key name you want to upload.
- C(s3_bucket) and C(s3_key) are required together.
- I(s3_bucket) and I(s3_key) are required together.
type: str
s3_object_version:
description:
- The Amazon S3 object (the deployment package) version you want to upload.
type: str
description:
description:
- A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
type: str
timeout:
description:
- The function maximum execution time in seconds after which Lambda should terminate the function.
default: 3
type: int
memory_size:
description:
- The amount of memory, in MB, your Lambda function is given.
default: 128
type: int
vpc_subnet_ids:
description:
- List of subnet IDs to run Lambda function in. Use this option if you need to access resources in your VPC. Leave empty if you don't want to run
the function in a VPC.
- List of subnet IDs to run Lambda function in.
- Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
- If set, I(vpc_security_group_ids) must also be set.
type: list
elements: str
vpc_security_group_ids:
description:
- List of VPC security group IDs to associate with the Lambda function. Required when vpc_subnet_ids is used.
- List of VPC security group IDs to associate with the Lambda function.
- Required when I(vpc_subnet_ids) is used.
type: list
elements: str
environment_variables:
description:
- A dictionary of environment variables the Lambda function is given.
aliases: [ 'environment' ]
version_added: "2.3"
type: dict
dead_letter_arn:
description:
- The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
version_added: "2.3"
type: str
tracing_mode:
description:
- Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
choices: ['Active', 'PassThrough']
version_added: "2.10"
type: str
tags:
description:
- tag dict to apply to the function (requires botocore 1.5.40 or above).
version_added: "2.5"
type: dict
author:
- 'Steyn Huizinga (@steynovich)'
extends_documentation_fragment:

@ -28,27 +28,32 @@ options:
description:
- The name of the function alias.
required: true
type: str
state:
description:
- Describes the desired state.
required: true
default: "present"
choices: ["present", "absent"]
type: str
name:
description:
- Name of the function alias.
required: true
aliases: ['alias_name']
type: str
description:
description:
- A short, user-defined function alias description.
required: false
version:
type: str
function_version:
description:
- Version associated with the Lambda function alias.
A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
required: false
aliases: ['function_version']
aliases: ['version']
type: int
requirements:
- boto3
extends_documentation_fragment:
@ -356,8 +361,8 @@ def main():
argument_spec.update(
dict(
state=dict(required=False, default='present', choices=['present', 'absent']),
function_name=dict(required=True, default=None),
name=dict(required=True, default=None, aliases=['alias_name']),
function_name=dict(required=True),
name=dict(required=True, aliases=['alias_name']),
function_version=dict(type='int', required=False, default=0, aliases=['version']),
description=dict(required=False, default=None),
)

@ -31,44 +31,60 @@ options:
- The name or ARN of the lambda function.
required: true
aliases: ['function_name', 'function_arn']
type: str
state:
description:
- Describes the desired state.
required: true
default: "present"
choices: ["present", "absent"]
type: str
alias:
description:
- Name of the function alias. Mutually exclusive with C(version).
- Name of the function alias. Mutually exclusive with I(version).
required: true
type: str
version:
description:
- Version of the Lambda function. Mutually exclusive with C(alias).
- Version of the Lambda function. Mutually exclusive with I(alias).
required: false
type: int
event_source:
description:
- Source of the event that triggers the lambda function.
- For DynamoDB and Kinesis events, select 'stream'
- For SQS queues, select 'sqs'
- For DynamoDB and Kinesis events, select C(stream)
- For SQS queues, select C(sqs)
required: false
default: stream
choices: ['stream', 'sqs']
type: str
source_params:
description:
- Sub-parameters required for event source.
- I(== stream event source ==)
- C(source_arn) The Amazon Resource Name (ARN) of the Kinesis or DynamoDB stream that is the event source.
- C(enabled) Indicates whether AWS Lambda should begin polling the event source. Default is True.
- C(batch_size) The largest number of records that AWS Lambda will retrieve from your event source at the
time of invoking your function. Default is 100.
- C(starting_position) The position in the stream where AWS Lambda should start reading.
Choices are TRIM_HORIZON or LATEST.
- I(== sqs event source ==)
- C(source_arn) The Amazon Resource Name (ARN) of the SQS queue to read events from.
- C(enabled) Indicates whether AWS Lambda should begin reading from the event source. Default is True.
- C(batch_size) The largest number of records that AWS Lambda will retrieve from your event source at the
time of invoking your function. Default is 100.
suboptions:
source_arn:
description:
- The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
type: str
required: true
enabled:
description:
- Indicates whether AWS Lambda should begin polling or readin from the event source.
default: true.
type: bool
batch_size:
description:
- The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
default: 100
type: int
starting_position:
description:
- The position in the stream where AWS Lambda should start reading.
- Required when I(event_source=stream).
choices: [TRIM_HORIZON,LATEST]
type: str
required: true
type: dict
requirements:
- boto3
extends_documentation_fragment:
@ -399,9 +415,9 @@ def main():
argument_spec.update(
dict(
state=dict(required=False, default='present', choices=['present', 'absent']),
lambda_function_arn=dict(required=True, default=None, aliases=['function_name', 'function_arn']),
lambda_function_arn=dict(required=True, aliases=['function_name', 'function_arn']),
event_source=dict(required=False, default="stream", choices=source_choices),
source_params=dict(type='dict', required=True, default=None),
source_params=dict(type='dict', required=True),
alias=dict(required=False, default=None),
version=dict(type='int', required=False, default=0),
)

@ -1,18 +1,10 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
@ -25,7 +17,7 @@ module: lambda_info
short_description: Gathers AWS Lambda function details
description:
- Gathers various details related to Lambda functions, including aliases, versions and event source mappings.
Use module M(lambda) to manage the lambda function itself, M(lambda_alias) to manage function aliases and
- Use module M(lambda) to manage the lambda function itself, M(lambda_alias) to manage function aliases and
M(lambda_event) to manage lambda event source mappings.
version_added: "2.9"
@ -37,13 +29,16 @@ options:
required: true
choices: [ "aliases", "all", "config", "mappings", "policy", "versions" ]
default: "all"
type: str
function_name:
description:
- The name of the lambda function for which information is requested.
aliases: [ "function", "name"]
type: str
event_source_arn:
description:
- For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
- When I(query=mappings), this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
type: str
author: Pierre Jodouin (@pjodouin)
requirements:
- boto3

@ -3,6 +3,9 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -13,10 +16,10 @@ module: lambda_policy
short_description: Creates, updates or deletes AWS Lambda policy statements.
description:
- This module allows the management of AWS Lambda policy statements.
It is idempotent and supports "Check" mode. Use module M(lambda) to manage the lambda
function itself, M(lambda_alias) to manage function aliases, M(lambda_event) to manage event source mappings
such as Kinesis streams, M(execute_lambda) to execute a lambda function and M(lambda_info) to gather information
relating to one or more lambda functions.
- It is idempotent and supports "Check" mode.
- Use module M(lambda) to manage the lambda function itself, M(lambda_alias) to manage function aliases,
M(lambda_event) to manage event source mappings such as Kinesis streams, M(execute_lambda) to execute a
lambda function and M(lambda_info) to gather information relating to one or more lambda functions.
version_added: "2.4"
@ -28,38 +31,44 @@ options:
description:
- "Name of the Lambda function whose resource policy you are updating by adding a new permission."
- "You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the"
- "function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to"
- "specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the"
- "function (for example, C(arn:aws:lambda:us-west-2:account-id:function:ThumbNail) ). AWS Lambda also allows you to"
- "specify partial ARN (for example, C(account-id:Thumbnail) ). Note that the length constraint applies only to the"
- "ARN. If you specify only the function name, it is limited to 64 character in length."
required: true
aliases: ['lambda_function_arn', 'function_arn']
type: str
state:
description:
- Describes the desired state.
default: "present"
choices: ["present", "absent"]
type: str
alias:
description:
- Name of the function alias. Mutually exclusive with C(version).
- Name of the function alias. Mutually exclusive with I(version).
type: str
version:
description:
- Version of the Lambda function. Mutually exclusive with C(alias).
- Version of the Lambda function. Mutually exclusive with I(alias).
type: int
statement_id:
description:
- A unique statement identifier.
required: true
aliases: ['sid']
type: str
action:
description:
- "The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with
lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard
(lambda:* ) to grant permission for all AWS Lambda actions."
lambda: followed by the API name (see Operations ). For example, C(lambda:CreateFunction) . You can use wildcard
(C(lambda:*)) to grant permission for all AWS Lambda actions."
required: true
type: str
principal:
description:
@ -68,24 +77,28 @@ options:
any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom
application in another AWS account to push events to AWS Lambda by invoking your function."
required: true
type: str
source_arn:
description:
- This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this
field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from
the specified bucket can invoke the function.
type: str
source_account:
description:
- The AWS account ID (without a hyphen) of the source owner. For example, if the SourceArn identifies a bucket,
- The AWS account ID (without a hyphen) of the source owner. For example, if I(source_arn) identifies a bucket,
then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you
specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS
account created the bucket). You can also use this condition to specify all sources (that is, you don't
specify the SourceArn ) owned by a specific account.
specify the I(source_arn) ) owned by a specific account.
type: str
event_source_token:
description:
- Token string representing source ARN or account. Mutually exclusive with C(source_arn) or C(source_account).
- Token string representing source ARN or account. Mutually exclusive with I(source_arn) or I(source_account).
type: str
requirements:
- boto3

@ -25,34 +25,46 @@ options:
- Indicate desired state of the target.
default: present
choices: ['present', 'absent', 'running', 'restarted', 'stopped']
type: str
name:
description:
- Name of the instance
- Name of the instance.
required: true
type: str
zone:
description:
- AWS availability zone in which to launch the instance. Required when state='present'
- AWS availability zone in which to launch the instance.
- Required when I(state=present)
type: str
blueprint_id:
description:
- ID of the instance blueprint image. Required when state='present'
- ID of the instance blueprint image.
- Required when I(state=present)
type: str
bundle_id:
description:
- Bundle of specification info for the instance. Required when state='present'
- Bundle of specification info for the instance.
- Required when I(state=present).
type: str
user_data:
description:
- Launch script that can configure the instance with additional data
- Launch script that can configure the instance with additional data.
type: str
key_pair_name:
description:
- Name of the key pair to use with the instance
- Name of the key pair to use with the instance.
type: str
wait:
description:
- Wait for the instance to be in state 'running' before returning. If wait is "no" an ip_address may not be returned
- Wait for the instance to be in state 'running' before returning.
- If I(wait=false) an ip_address may not be returned.
type: bool
default: 'yes'
default: true
wait_timeout:
description:
- How long before wait gives up, in seconds.
- How long before I(wait) gives up, in seconds.
default: 300
type: int
requirements:
- "python >= 2.6"

@ -25,151 +25,211 @@ description:
options:
command:
description:
- Specifies the action to take. The 'reboot' option is available starting at version 2.0
- Specifies the action to take. The 'reboot' option is available starting at version 2.0.
required: true
choices: [ 'create', 'replicate', 'delete', 'facts', 'modify' , 'promote', 'snapshot', 'reboot', 'restore' ]
type: str
instance_name:
description:
- Database instance identifier. Required except when using command=facts or command=delete on just a snapshot
- Database instance identifier.
- Required except when using I(command=facts) or I(command=delete) on just a snapshot.
type: str
source_instance:
description:
- Name of the database to replicate. Used only when command=replicate.
- Name of the database to replicate.
- Used only when I(command=replicate).
type: str
db_engine:
description:
- The type of database. Used only when command=create.
- mariadb was added in version 2.2
- The type of database.
- Used only when I(command=create).
- mariadb was added in version 2.2.
choices: ['mariadb', 'MySQL', 'oracle-se1', 'oracle-se2', 'oracle-se', 'oracle-ee',
'sqlserver-ee', 'sqlserver-se', 'sqlserver-ex', 'sqlserver-web', 'postgres', 'aurora']
type: str
size:
description:
- Size in gigabytes of the initial storage for the DB instance. Used only when command=create or command=modify.
- Size in gigabytes of the initial storage for the DB instance.
- Used only when I(command=create) or I(command=modify).
type: str
instance_type:
description:
- The instance type of the database. Must be specified when command=create. Optional when command=replicate, command=modify or command=restore.
If not specified then the replica inherits the same instance type as the source instance.
- The instance type of the database.
- If not specified then the replica inherits the same instance type as the source instance.
- Required when I(command=create).
- Optional when I(command=replicate), I(command=modify) or I(command=restore).
aliases: ['type']
type: str
username:
description:
- Master database username. Used only when command=create.
- Master database username.
- Used only when I(command=create).
type: str
password:
description:
- Password for the master database username. Used only when command=create or command=modify.
region:
description:
- The AWS region to use. If not specified then the value of the EC2_REGION environment variable, if any, is used.
required: true
aliases: [ 'aws_region', 'ec2_region' ]
- Password for the master database username.
- Used only when I(command=create) or I(command=modify).
type: str
db_name:
description:
- Name of a database to create within the instance. If not specified then no database is created. Used only when command=create.
- Name of a database to create within the instance.
- If not specified then no database is created.
- Used only when I(command=create).
type: str
engine_version:
description:
- Version number of the database engine to use. Used only when command=create. If not specified then the current Amazon RDS default engine version is used
- Version number of the database engine to use.
- If not specified then the current Amazon RDS default engine version is used
- Used only when I(command=create).
type: str
parameter_group:
description:
- Name of the DB parameter group to associate with this instance. If omitted then the RDS default DBParameterGroup will be used. Used only
when command=create or command=modify.
- Name of the DB parameter group to associate with this instance.
- If omitted then the RDS default DBParameterGroup will be used.
- Used only when I(command=create) or I(command=modify).
type: str
license_model:
description:
- The license model for this DB instance. Used only when command=create or command=restore.
- The license model for this DB instance.
- Used only when I(command=create) or I(command=restore).
choices: [ 'license-included', 'bring-your-own-license', 'general-public-license', 'postgresql-license' ]
type: str
multi_zone:
description:
- Specifies if this is a Multi-availability-zone deployment. Can not be used in conjunction with zone parameter. Used only when command=create or
command=modify.
- Specifies if this is a Multi-availability-zone deployment.
- Can not be used in conjunction with I(zone) parameter.
- Used only when I(command=create) or I(command=modify).
type: bool
iops:
description:
- Specifies the number of IOPS for the instance. Used only when command=create or command=modify. Must be an integer greater than 1000.
- Specifies the number of IOPS for the instance.
- Used only when I(command=create) or I(command=modify).
- Must be an integer greater than 1000.
type: str
security_groups:
description:
- Comma separated list of one or more security groups. Used only when command=create or command=modify.
- Comma separated list of one or more security groups.
- Used only when I(command=create) or I(command=modify).
type: str
vpc_security_groups:
description:
- Comma separated list of one or more vpc security group ids. Also requires `subnet` to be specified. Used only when command=create or command=modify.
- Comma separated list of one or more vpc security group ids.
- Also requires I(subnet) to be specified.
- Used only when I(command=create) or I(command=modify).
type: list
elements: str
port:
description:
- Port number that the DB instance uses for connections. Used only when command=create or command=replicate.
- Prior to 2.0 it always defaults to null and the API would use 3306, it had to be set to other DB default values when not using MySql.
Starting at 2.0 it automatically defaults to what is expected for each C(db_engine).
default: 3306 for mysql, 1521 for Oracle, 1433 for SQL Server, 5432 for PostgreSQL.
- Port number that the DB instance uses for connections.
- Used only when I(command=create) or I(command=replicate).
- 'Defaults to the standard ports for each I(db_engine): C(3306) for MySQL and MariaDB, C(1521) for Oracle
C(1433) for SQL Server, C(5432) for PostgreSQL.'
type: int
upgrade:
description:
- Indicates that minor version upgrades should be applied automatically.
- Used only when command=create or command=modify or command=restore or command=replicate.
- Used only when I(command=create) or I(command=modify) or I(command=restore) or I(command=replicate).
type: bool
default: 'no'
default: false
option_group:
description:
- The name of the option group to use. If not specified then the default option group is used. Used only when command=create.
- The name of the option group to use.
- If not specified then the default option group is used.
- Used only when I(command=create).
type: str
maint_window:
description:
- >
Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15) If not specified then a random maintenance window is
assigned. Used only when command=create or command=modify.
- 'Maintenance window in format of C(ddd:hh24:mi-ddd:hh24:mi). (Example: C(Mon:22:00-Mon:23:15))'
- Times are specified in UTC.
- If not specified then a random maintenance window is assigned.
- Used only when I(command=create) or I(command=modify).
type: str
backup_window:
description:
- Backup window in format of hh24:mi-hh24:mi. If not specified then a random backup window is assigned. Used only when command=create or command=modify.
- 'Backup window in format of C(hh24:mi-hh24:mi). (Example: C(18:00-20:30))'
- Times are specified in UTC.
- If not specified then a random backup window is assigned.
- Used only when command=create or command=modify.
type: str
backup_retention:
description:
- >
Number of days backups are retained. Set to 0 to disable backups. Default is 1 day. Valid range: 0-35. Used only when command=create or
command=modify.
- Number of days backups are retained.
- Set to 0 to disable backups.
- Default is 1 day.
- 'Valid range: 0-35.'
- Used only when I(command=create) or I(command=modify).
type: str
zone:
description:
- availability zone in which to launch the instance. Used only when command=create, command=replicate or command=restore.
- availability zone in which to launch the instance.
- Used only when I(command=create), I(command=replicate) or I(command=restore).
- Can not be used in conjunction with I(multi_zone) parameter.
aliases: ['aws_zone', 'ec2_zone']
type: str
subnet:
description:
- VPC subnet group. If specified then a VPC instance is created. Used only when command=create.
- VPC subnet group.
- If specified then a VPC instance is created.
- Used only when I(command=create).
type: str
snapshot:
description:
- Name of snapshot to take. When command=delete, if no snapshot name is provided then no snapshot is taken. If used with command=delete with
no instance_name, the snapshot is deleted. Used with command=facts, command=delete or command=snapshot.
aws_secret_key:
description:
- AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.
aliases: [ 'ec2_secret_key', 'secret_key' ]
aws_access_key:
description:
- AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used.
aliases: [ 'ec2_access_key', 'access_key' ]
- Name of snapshot to take.
- When I(command=delete), if no I(snapshot) name is provided then no snapshot is taken.
- When I(command=delete), if no I(instance_name) is provided the snapshot is deleted.
- Used with I(command=facts), I(command=delete) or I(command=snapshot).
type: str
wait:
description:
- When command=create, replicate, modify or restore then wait for the database to enter the 'available' state. When command=delete wait for
the database to be terminated.
- When I(command=create), replicate, modify or restore then wait for the database to enter the 'available' state.
- When I(command=delete), wait for the database to be terminated.
type: bool
default: 'no'
default: false
wait_timeout:
description:
- how long before wait gives up, in seconds
- How long before wait gives up, in seconds.
- Used when I(wait=true).
default: 300
type: int
apply_immediately:
description:
- Used only when command=modify. If enabled, the modifications will be applied as soon as possible rather than waiting for the next
preferred maintenance window.
- When I(apply_immediately=trye), the modifications will be applied as soon as possible rather than waiting for the
next preferred maintenance window.
- Used only when I(command=modify).
type: bool
default: 'no'
default: false
force_failover:
description:
- Used only when command=reboot. If enabled, the reboot is done using a MultiAZ failover.
- If enabled, the reboot is done using a MultiAZ failover.
- Used only when I(command=reboot).
type: bool
default: 'no'
default: false
version_added: "2.0"
new_instance_name:
description:
- Name to rename an instance to. Used only when command=modify.
- Name to rename an instance to.
- Used only when I(command=modify).
type: str
version_added: "1.5"
character_set_name:
description:
- Associate the DB instance with a specified character set. Used with command=create.
- Associate the DB instance with a specified character set.
- Used with I(command=create).
version_added: "1.9"
type: str
publicly_accessible:
description:
- explicitly set whether the resource should be publicly accessible or not. Used with command=create, command=replicate. Requires boto >= 2.26.0
- Explicitly set whether the resource should be publicly accessible or not.
- Used with I(command=create), I(command=replicate).
- Requires boto >= 2.26.0
type: str
version_added: "1.9"
tags:
description:
- tags dict to apply to a resource. Used with command=create, command=replicate, command=restore. Requires boto >= 2.26.0
- tags dict to apply to a resource.
- Used with I(command=create), I(command=replicate), I(command=restore).
- Requires boto >= 2.26.0
type: dict
version_added: "1.9"
requirements:
- "python >= 2.6"

@ -4,6 +4,10 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -14,7 +18,7 @@ module: rds_instance_info
version_added: "2.6"
short_description: obtain information about one or more RDS instances
description:
- obtain information about one or more RDS instances
- Obtain information about one or more RDS instances.
- This module was called C(rds_instance_facts) before Ansible 2.9. The usage did not change.
options:
db_instance_identifier:
@ -23,10 +27,12 @@ options:
required: false
aliases:
- id
type: str
filters:
description:
- A filter that specifies one or more DB instances to describe.
See U(https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html)
type: dict
requirements:
- "python >= 2.7"
- "boto3"

@ -1,18 +1,10 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
@ -25,27 +17,31 @@ module: rds_param_group
version_added: "1.5"
short_description: manage RDS parameter groups
description:
- Creates, modifies, and deletes RDS parameter groups. This module has a dependency on python-boto >= 2.5.
- Creates, modifies, and deletes RDS parameter groups.
requirements: [ boto3 ]
options:
state:
description:
- Specifies whether the group should be present or absent.
required: true
default: present
choices: [ 'present' , 'absent' ]
type: str
name:
description:
- Database parameter group identifier.
required: true
type: str
description:
description:
- Database parameter group description. Only set when a new group is added.
type: str
engine:
description:
- The type of database for this group. Required for state=present.
- The type of database for this group.
- Please use following command to get list of all supported db engines and their respective versions.
- '# aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"'
- Required for I(state=present).
type: str
immediate:
description:
- Whether to apply the changes immediately, or after the next reboot of any associated instances.
@ -57,13 +53,15 @@ options:
- Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3),
or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
aliases: [parameters]
type: dict
tags:
description:
- Dictionary of tags to attach to the parameter group
- Dictionary of tags to attach to the parameter group.
version_added: "2.4"
type: dict
purge_tags:
description:
- Whether or not to remove tags that do not appear in the I(tags) list.
- Whether or not to remove tags that do not appear in the M(tags) list.
version_added: "2.4"
type: bool
default: False

@ -4,6 +4,9 @@
# Copyright (c) 2017, 2018 Michael De La Rue
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',

@ -4,6 +4,10 @@
# Copyright (c) 2017, 2018 Michael De La Rue
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -14,36 +18,43 @@ module: rds_snapshot_info
version_added: "2.6"
short_description: obtain information about one or more RDS snapshots
description:
- obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora)
- Obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora).
- Aurora snapshot information may be obtained if no identifier parameters are passed or if one of the cluster parameters are passed.
- This module was called C(rds_snapshot_facts) before Ansible 2.9. The usage did not change.
options:
db_snapshot_identifier:
description:
- Name of an RDS (unclustered) snapshot. Mutually exclusive with I(db_instance_identifier), I(db_cluster_identifier), I(db_cluster_snapshot_identifier)
- Name of an RDS (unclustered) snapshot.
- Mutually exclusive with I(db_instance_identifier), I(db_cluster_identifier), I(db_cluster_snapshot_identifier)
required: false
aliases:
- snapshot_name
type: str
db_instance_identifier:
description:
- RDS instance name for which to find snapshots. Mutually exclusive with I(db_snapshot_identifier), I(db_cluster_identifier),
I(db_cluster_snapshot_identifier)
- RDS instance name for which to find snapshots.
- Mutually exclusive with I(db_snapshot_identifier), I(db_cluster_identifier), I(db_cluster_snapshot_identifier)
required: false
type: str
db_cluster_identifier:
description:
- RDS cluster name for which to find snapshots. Mutually exclusive with I(db_snapshot_identifier), I(db_instance_identifier),
I(db_cluster_snapshot_identifier)
- RDS cluster name for which to find snapshots.
- Mutually exclusive with I(db_snapshot_identifier), I(db_instance_identifier), I(db_cluster_snapshot_identifier)
required: false
type: str
db_cluster_snapshot_identifier:
description:
- Name of an RDS cluster snapshot. Mutually exclusive with I(db_instance_identifier), I(db_snapshot_identifier), I(db_cluster_identifier)
- Name of an RDS cluster snapshot.
- Mutually exclusive with I(db_instance_identifier), I(db_snapshot_identifier), I(db_cluster_identifier)
required: false
type: str
snapshot_type:
description:
- Type of snapshot to find. By default both automated and manual
snapshots will be returned.
- Type of snapshot to find.
- By default both automated and manual snapshots will be returned.
required: false
choices: ['automated', 'manual', 'shared', 'public']
type: str
requirements:
- "python >= 2.6"
- "boto3"

@ -21,117 +21,158 @@ module: redshift
version_added: "2.2"
short_description: create, delete, or modify an Amazon Redshift instance
description:
- Creates, deletes, or modifies amazon Redshift cluster instances.
- Creates, deletes, or modifies Amazon Redshift cluster instances.
options:
command:
description:
- Specifies the action to take.
required: true
choices: [ 'create', 'facts', 'delete', 'modify' ]
type: str
identifier:
description:
- Redshift cluster identifier.
required: true
type: str
node_type:
description:
- The node type of the cluster. Must be specified when command=create.
choices: ['ds1.xlarge', 'ds1.8xlarge', 'ds2.xlarge', 'ds2.8xlarge', 'dc1.large', 'dc1.8xlarge', 'dc2.large', 'dc2.8xlarge',
'dw1.xlarge', 'dw1.8xlarge', 'dw2.large', 'dw2.8xlarge']
- The node type of the cluster.
- Require when I(command=create).
choices: ['ds1.xlarge', 'ds1.8xlarge', 'ds2.xlarge', 'ds2.8xlarge', 'dc1.large','dc2.large',
'dc1.8xlarge', 'dw1.xlarge', 'dw1.8xlarge', 'dw2.large', 'dw2.8xlarge']
type: str
username:
description:
- Master database username. Used only when command=create.
- Master database username.
- Used only when I(command=create).
type: str
password:
description:
- Master database password. Used only when command=create.
- Master database password.
- Used only when I(command=create).
type: str
cluster_type:
description:
- The type of cluster.
choices: ['multi-node', 'single-node' ]
default: 'single-node'
type: str
db_name:
description:
- Name of the database.
type: str
availability_zone:
description:
- availability zone in which to launch cluster
- Availability zone in which to launch cluster.
aliases: ['zone', 'aws_zone']
type: str
number_of_nodes:
description:
- Number of nodes. Only used when cluster_type=multi-node.
- Number of nodes.
- Only used when I(cluster_type=multi-node).
type: int
cluster_subnet_group_name:
description:
- which subnet to place the cluster
- Which subnet to place the cluster.
aliases: ['subnet']
type: str
cluster_security_groups:
description:
- in which security group the cluster belongs
- In which security group the cluster belongs.
type: list
elements: str
aliases: ['security_groups']
vpc_security_group_ids:
description:
- VPC security group
aliases: ['vpc_security_groups']
type: list
elements: str
skip_final_cluster_snapshot:
description:
- skip a final snapshot before deleting the cluster. Used only when command=delete.
- Skip a final snapshot before deleting the cluster.
- Used only when I(command=delete).
aliases: ['skip_final_snapshot']
default: 'no'
default: false
version_added: "2.4"
type: bool
final_cluster_snapshot_identifier:
description:
- identifier of the final snapshot to be created before deleting the cluster. If this parameter is provided,
final_cluster_snapshot_identifier must be false. Used only when command=delete.
- Identifier of the final snapshot to be created before deleting the cluster.
- If this parameter is provided, I(skip_final_cluster_snapshot) must be C(false).
- Used only when I(command=delete).
aliases: ['final_snapshot_id']
version_added: "2.4"
type: str
preferred_maintenance_window:
description:
- maintenance window
- 'Maintenance window in format of C(ddd:hh24:mi-ddd:hh24:mi). (Example: C(Mon:22:00-Mon:23:15))'
- Times are specified in UTC.
- If not specified then a random 30 minute maintenance window is assigned.
aliases: ['maintance_window', 'maint_window']
type: str
cluster_parameter_group_name:
description:
- name of the cluster parameter group
- Name of the cluster parameter group.
aliases: ['param_group_name']
type: str
automated_snapshot_retention_period:
description:
- period when the snapshot take place
- The number of days that automated snapshots are retained.
aliases: ['retention_period']
type: int
port:
description:
- which port the cluster is listening
- Which port the cluster is listening on.
type: int
cluster_version:
description:
- which version the cluster should have
- Which version the cluster should have.
aliases: ['version']
choices: ['1.0']
type: str
allow_version_upgrade:
description:
- flag to determinate if upgrade of version is possible
- When I(allow_version_upgrade=true) the cluster may be automatically
upgraded during the maintenance window.
aliases: ['version_upgrade']
default: 'yes'
default: true
type: bool
publicly_accessible:
description:
- if the cluster is accessible publicly or not
default: 'no'
- If the cluster is accessible publicly or not.
default: false
type: bool
encrypted:
description:
- if the cluster is encrypted or not
default: 'no'
- If the cluster is encrypted or not.
default: false
type: bool
elastic_ip:
description:
- if the cluster has an elastic IP or not
- An Elastic IP to use for the cluster.
type: str
new_cluster_identifier:
description:
- Only used when command=modify.
aliases: ['new_identifier']
type: str
wait:
description:
- When command=create, modify or restore then wait for the database to enter the 'available' state.
When command=delete wait for the database to be terminated.
- When I(command=create), I(command=modify) or I(command=restore) then wait for the database to enter the 'available' state.
- When I(command=delete) wait for the database to be terminated.
type: bool
default: 'no'
default: false
wait_timeout:
description:
- how long before wait gives up, in seconds
- When I(wait=true) defines how long in seconds before giving up.
default: 300
type: int
enhanced_vpc_routing:
description:
- Whether the cluster should have enhanced VPC routing enabled.
default: false
type: bool
requirements: [ 'boto3' ]
extends_documentation_fragment:
- aws

@ -3,6 +3,10 @@
# Copyright: (c) 2018, JR Kerkstra <jrkerkstra@example.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
@ -13,7 +17,7 @@ module: redshift_cross_region_snapshots
short_description: Manage Redshift Cross Region Snapshots
description:
- Manage Redshift Cross Region Snapshots. Supports KMS-Encrypted Snapshots.
- For more information, see https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html#cross-region-snapshot-copy
- For more information, see U(https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html#cross-region-snapshot-copy)
version_added: "2.8"
author: JR Kerkstra (@captainkerk)
options:
@ -22,33 +26,39 @@ options:
- The name of the cluster to configure cross-region snapshots for.
required: true
aliases: [ "cluster" ]
type: str
state:
description:
- Create or remove the cross-region snapshot configuration.
required: true
choices: [ "present", "absent" ]
default: present
type: str
region:
description:
- The clusters region
- "The cluster's region."
required: true
aliases: [ "source" ]
type: str
destination_region:
description:
- The region to copy snapshots to
- The region to copy snapshots to.
required: true
aliases: [ "destination" ]
type: str
snapshot_copy_grant:
description:
- A grant for Amazon Redshift to use a master key in the destination region.
- See http://boto3.readthedocs.io/en/latest/reference/services/redshift.html#Redshift.Client.create_snapshot_copy_grant
- A grant for Amazon Redshift to use a master key in the I(destination_region).
- See U(http://boto3.readthedocs.io/en/latest/reference/services/redshift.html#Redshift.Client.create_snapshot_copy_grant)
required: false
aliases: [ "copy_grant" ]
type: str
snapshot_retention_period:
description:
- Keep cross-region snapshots for N number of days
- The number of days to keep cross-region snapshots for.
required: true
aliases: [ "retention_period" ]
type: int
requirements: [ "botocore", "boto3" ]
extends_documentation_fragment:
- ec2
@ -68,7 +78,7 @@ EXAMPLES = '''
redshift_cross_region_snapshots:
cluster_name: whatever
state: present
source: us-east-1
region: us-east-1
destination: us-west-2
copy_grant: 'my-grant-in-destination'
retention_period: 10

@ -17,7 +17,7 @@ module: redshift_info
author: "Jens Carl (@j-carl)"
short_description: Gather information about Redshift cluster(s)
description:
- Gather information about Redshift cluster(s)
- Gather information about Redshift cluster(s).
- This module was called C(redshift_facts) before Ansible 2.9. The usage did not change.
version_added: "2.4"
requirements: [ boto3 ]
@ -28,11 +28,13 @@ options:
- "This is a regular expression match with implicit '^'. Append '$' for a complete match."
required: false
aliases: ['name', 'identifier']
type: str
tags:
description:
- "A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' }
to match against the security group(s) you are searching for."
required: false
type: dict
extends_documentation_fragment:
- ec2
- aws

@ -25,21 +25,25 @@ options:
state:
description:
- Specifies whether the subnet should be present or absent.
default: 'present'
choices: ['present', 'absent' ]
type: str
group_name:
description:
- Cluster subnet group name.
required: true
aliases: ['name']
type: str
group_description:
description:
- Database subnet group description.
aliases: ['description']
type: str
group_subnets:
description:
- List of subnet IDs that make up the cluster subnet group.
aliases: ['subnets']
type: list
elements: str
requirements: [ 'boto' ]
extends_documentation_fragment:
- aws

@ -28,70 +28,79 @@ options:
required: true
aliases: [ 'command' ]
choices: [ 'present', 'absent', 'get', 'create', 'delete' ]
type: str
zone:
description:
- The DNS zone to modify
- This is a required parameter, if parameter C(hosted_zone_id) is not supplied.
- The DNS zone to modify.
- This is a required parameter, if parameter I(hosted_zone_id) is not supplied.
type: str
hosted_zone_id:
description:
- The Hosted Zone ID of the DNS zone to modify
- This is a required parameter, if parameter C(zone) is not supplied.
- The Hosted Zone ID of the DNS zone to modify.
- This is a required parameter, if parameter I(zone) is not supplied.
version_added: "2.0"
type: str
record:
description:
- The full DNS record to create or delete
- The full DNS record to create or delete.
required: true
type: str
ttl:
description:
- The TTL to give the new record
default: 3600 (one hour)
- The TTL, in second, to give the new record.
default: 3600
type: int
type:
description:
- The type of DNS record to create
- The type of DNS record to create.
required: true
choices: [ 'A', 'CNAME', 'MX', 'AAAA', 'TXT', 'PTR', 'SRV', 'SPF', 'CAA', 'NS', 'SOA' ]
type: str
alias:
description:
- Indicates if this is an alias record.
version_added: "1.9"
type: bool
default: 'no'
default: false
alias_hosted_zone_id:
description:
- The hosted zone identifier.
version_added: "1.9"
type: str
alias_evaluate_target_health:
description:
- Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
type: bool
default: no
default: false
version_added: "2.1"
value:
description:
- The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
- When deleting a record all values for the record must be specified or Route53 will not delete it.
type: list
overwrite:
description:
- Whether an existing record should be overwritten on create if values do not match
- Whether an existing record should be overwritten on create if values do not match.
type: bool
retry_interval:
description:
- In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many
domain names, the default of 500 seconds may be too long.
- In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds.
If you have many domain names, the default of 500 seconds may be too long.
default: 500
type: int
private_zone:
description:
- If set to C(yes), the private zone matching the requested name within the domain will be used if there are both public and private zones.
The default is to use the public zone.
type: bool
default: 'no'
default: false
version_added: "1.9"
identifier:
description:
- Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier
that differentiates among multiple resource record sets that have the
same combination of DNS name and type.
- Have to be specified for Weighted, latency-based and failover resource record sets only.
An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
version_added: "2.0"
type: str
weight:
description:
- Weighted resource record sets only. Among resource record sets that
@ -99,6 +108,7 @@ options:
determines what portion of traffic for the current resource record set
is routed to the associated location.
version_added: "2.0"
type: int
region:
description:
- Latency-based resource record sets only Among resource record sets
@ -106,31 +116,37 @@ options:
determines which region this should be associated with for the
latency-based routing
version_added: "2.0"
type: str
health_check:
description:
- Health check to associate with this record
version_added: "2.0"
type: str
failover:
description:
- Failover resource record sets only. Whether this is the primary or
secondary resource record set. Allowed values are PRIMARY and SECONDARY
version_added: "2.0"
type: str
choices: ['SECONDARY', 'PRIMARY']
vpc_id:
description:
- "When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC."
- This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
version_added: "2.0"
type: str
wait:
description:
- Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
type: bool
default: 'no'
default: false
version_added: "2.1"
wait_timeout:
description:
- How long to wait for the changes to be replicated, in seconds.
default: 300
version_added: "2.1"
type: int
author:
- Bruce Pennypacker (@bpennypacker)
- Mike Buzzetti (@jimbydamonk)
@ -139,7 +155,7 @@ extends_documentation_fragment: aws
RETURN = '''
nameservers:
description: nameservers associated with the zone
description: Nameservers associated with the zone.
returned: when state is 'get'
type: list
sample:
@ -148,68 +164,66 @@ nameservers:
- ns-1504.awsdns-00.co.uk.
- ns-1.awsdns-00.com.
set:
description: info specific to the resource record
description: Info specific to the resource record.
returned: when state is 'get'
type: complex
contains:
alias:
description: whether this is an alias
description: Whether this is an alias.
returned: always
type: bool
sample: false
failover:
description: ""
description: Whether this is the primary or secondary resource record set.
returned: always
type: NoneType
sample: null
type: str
sample: PRIMARY
health_check:
description: health_check associated with this record
description: health_check associated with this record.
returned: always
type: NoneType
sample: null
type: str
identifier:
description: ""
description: An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
returned: always
type: NoneType
sample: null
type: str
record:
description: domain name for the record set
description: Domain name for the record set.
returned: always
type: str
sample: new.foo.com.
region:
description: ""
description: Which region this should be associated with for latency-based routing.
returned: always
type:
sample:
type: str
sample: us-west-2
ttl:
description: resource record cache TTL
description: Resource record cache TTL.
returned: always
type: str
sample: '3600'
type:
description: record set type
description: Resource record set type.
returned: always
type: str
sample: A
value:
description: value
description: Record value.
returned: always
type: str
sample: 52.43.18.27
values:
description: values
description: Record Values.
returned: always
type: list
sample:
- 52.43.18.27
weight:
description: weight of the record
description: Weight of the record.
returned: always
type: str
sample: '3'
zone:
description: zone this record set belongs to
description: Zone this record set belongs to.
returned: always
type: str
sample: foo.bar.com.

@ -1,18 +1,10 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
@ -22,9 +14,9 @@ ANSIBLE_METADATA = {'metadata_version': '1.1',
DOCUMENTATION = '''
---
module: route53_health_check
short_description: add or delete health-checks in Amazons Route53 DNS service
short_description: Add or delete health-checks in Amazons Route53 DNS service
description:
- Creates and deletes DNS Health checks in Amazons Route53 service
- Creates and deletes DNS Health checks in Amazons Route53 service.
- Only the port, resource_path, string_match and request_interval are
considered when updating existing health-checks.
version_added: "2.0"
@ -34,20 +26,24 @@ options:
- Specifies the action to take.
required: true
choices: [ 'present', 'absent' ]
type: str
default: 'present'
ip_address:
description:
- IP address of the end-point to check. Either this or `fqdn` has to be
provided.
- IP address of the end-point to check. Either this or I(fqdn) has to be provided.
type: str
port:
description:
- The port on the endpoint on which you want Amazon Route 53 to perform
health checks. Required for TCP checks.
type: int
type:
description:
- The type of health check that you want to create, which indicates how
Amazon Route 53 determines whether an endpoint is healthy.
required: true
choices: [ 'HTTP', 'HTTPS', 'HTTP_STR_MATCH', 'HTTPS_STR_MATCH', 'TCP' ]
type: str
resource_path:
description:
- The path that you want Amazon Route 53 to request when performing
@ -57,17 +53,20 @@ options:
- Required for all checks except TCP.
- The path must begin with a /
- Maximum 255 characters.
type: str
fqdn:
description:
- Domain name of the endpoint to check. Either this or `ip_address` has
- Domain name of the endpoint to check. Either this or I(ip_address) has
to be provided. When both are given the `fqdn` is used in the `Host:`
header of the HTTP request.
type: str
string_match:
description:
- If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string
that you want Amazon Route 53 to search for in the response body from
the specified resource. If the string appears in the first 5120 bytes
of the response body, Amazon Route 53 considers the resource healthy.
type: str
request_interval:
description:
- The number of seconds between the time that Amazon Route 53 gets a
@ -76,6 +75,7 @@ options:
required: true
default: 30
choices: [ 10, 30 ]
type: int
failure_threshold:
description:
- The number of consecutive health checks that an endpoint must pass or
@ -84,6 +84,7 @@ options:
required: true
default: 3
choices: [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 ]
type: int
author: "zimbatm (@zimbatm)"
extends_documentation_fragment:
- aws

@ -21,7 +21,7 @@ version_added: "2.0"
options:
query:
description:
- specifies the query action to take.
- Specifies the query action to take.
required: True
choices: [
'change',
@ -31,64 +31,76 @@ options:
'record_sets',
'reusable_delegation_set',
]
type: str
change_id:
description:
- The ID of the change batch request.
- The value that you specify here is the value that
ChangeResourceRecordSets returned in the Id element
when you submitted the request.
- Required if C(query) is set to C(change).
- Required if I(query=change).
required: false
type: str
hosted_zone_id:
description:
- The Hosted Zone ID of the DNS zone.
- Required if C(query) is set to C(hosted_zone) and C(hosted_zone_method) is set to C(details).
- Required if C(query) is set to C(record_sets).
- Required if I(query) is set to I(hosted_zone) and I(hosted_zone_method) is set to I(details).
- Required if I(query) is set to I(record_sets).
required: false
type: str
max_items:
description:
- Maximum number of items to return for various get/list requests.
required: false
type: int
next_marker:
description:
- "Some requests such as list_command: hosted_zones will return a maximum
number of entries - EG 100 or the number specified by max_items.
number of entries - EG 100 or the number specified by I(max_items).
If the number of entries exceeds this maximum another request can be sent
using the NextMarker entry from the first response to get the next page
of results."
required: false
type: int
delegation_set_id:
description:
- The DNS Zone delegation set ID.
required: false
type: str
start_record_name:
description:
- "The first name in the lexicographic ordering of domain names that you want
the list_command: record_sets to start listing from."
required: false
type: str
type:
description:
- The type of DNS record
- The type of DNS record.
required: false
choices: [ 'A', 'CNAME', 'MX', 'AAAA', 'TXT', 'PTR', 'SRV', 'SPF', 'CAA', 'NS' ]
type: str
dns_name:
description:
- The first name in the lexicographic ordering of domain names that you want
the list_command to start listing from.
required: false
type: str
resource_id:
description:
- The ID/s of the specified resource/s.
- Required if C(query) is set to C(health_check) and C(health_check_method) is to C(tags).
- Required if C(query) is set to C(hosted_zone) and C(hosted_zone_method) is to C(tags).
- Required if I(query=health_check) and I(health_check_method=tags).
- Required if I(query=hosted_zone) and I(hosted_zone_method=tags).
required: false
aliases: ['resource_ids']
type: list
elements: str
health_check_id:
description:
- The ID of the health check.
- Required if C(query) is set to C(health_check) and
C(health_check_method) is set to C(details) or C(status) or C(failure_reason).
required: false
type: str
hosted_zone_method:
description:
- "This is used in conjunction with query: hosted_zone.
@ -103,6 +115,7 @@ options:
'tags',
]
default: 'list'
type: str
health_check_method:
description:
- "This is used in conjunction with query: health_check.
@ -118,6 +131,7 @@ options:
'tags',
]
default: 'list'
type: str
author: Karen Cheng (@Etherdaemon)
extends_documentation_fragment:
- aws
@ -403,8 +417,8 @@ def main():
], required=True),
change_id=dict(),
hosted_zone_id=dict(),
max_items=dict(type='str'),
next_marker=dict(),
max_items=dict(type='int'),
next_marker=dict(type='int'),
delegation_set_id=dict(),
start_record_name=dict(),
type=dict(choices=[

@ -1,18 +1,10 @@
#!/usr/bin/python
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
@ -23,7 +15,7 @@ DOCUMENTATION = '''
module: route53_zone
short_description: add or delete Route53 zones
description:
- Creates and deletes Route53 private and public zones
- Creates and deletes Route53 private and public zones.
version_added: "2.0"
requirements: [ boto3 ]
options:
@ -31,31 +23,38 @@ options:
description:
- "The DNS zone record (eg: foo.com.)"
required: true
type: str
state:
description:
- whether or not the zone should exist or not
- Whether or not the zone should exist or not.
default: present
choices: [ "present", "absent" ]
type: str
vpc_id:
description:
- The VPC ID the zone should be a part of (if this is going to be a private zone)
- The VPC ID the zone should be a part of (if this is going to be a private zone).
type: str
vpc_region:
description:
- The VPC Region the zone should be a part of (if this is going to be a private zone)
- The VPC Region the zone should be a part of (if this is going to be a private zone).
type: str
comment:
description:
- Comment associated with the zone
- Comment associated with the zone.
default: ''
type: str
hosted_zone_id:
description:
- The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
Required if there are multiple zones identified with the above options
- Required if there are multiple zones identified with the above options.
version_added: 2.4
type: str
delegation_set_id:
description:
- The reusable delegation set ID to be associated with the zone.
Note that you can't associate a reusable delegation set with a private hosted zone.
- Note that you can't associate a reusable delegation set with a private hosted zone.
version_added: 2.6
type: str
extends_documentation_fragment:
- aws
- ec2

@ -28,50 +28,64 @@ options:
- Default message for subscriptions without a more specific message.
required: true
aliases: [ "default" ]
type: str
subject:
description:
- Message subject
type: str
topic:
description:
- The name or ARN of the topic to publish to.
required: true
type: str
email:
description:
- Message to send to email subscriptions.
type: str
email_json:
description:
- Message to send to email-json subscriptions
- Message to send to email-json subscriptions.
version_added: '2.8'
type: str
sqs:
description:
- Message to send to SQS subscriptions
- Message to send to SQS subscriptions.
type: str
sms:
description:
- Message to send to SMS subscriptions
- Message to send to SMS subscriptions.
type: str
http:
description:
- Message to send to HTTP subscriptions
- Message to send to HTTP subscriptions.
type: str
https:
description:
- Message to send to HTTPS subscriptions
- Message to send to HTTPS subscriptions.
type: str
application:
description:
- Message to send to application subscriptions
- Message to send to application subscriptions.
version_added: '2.8'
type: str
lambda:
description:
- Message to send to Lambda subscriptions
- Message to send to Lambda subscriptions.
version_added: '2.8'
type: str
message_attributes:
description:
- Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
- This is in AWS's distinct Name/Type/Value format; see example below.
type: dict
message_structure:
description:
- The payload format to use for the message.
- This must be 'json' to support protocol-specific messages (`http`, `https`, `email`, `sms`, `sqs`). It must be 'string' to support message_attributes.
- This must be 'json' to support protocol-specific messages (C(http), C(https), C(email), C(sms), C(sqs)).
- It must be 'string' to support I(message_attributes).
default: json
choices: ['json', 'string']
type: str
extends_documentation_fragment:
- ec2
- aws

@ -16,8 +16,8 @@ DOCUMENTATION = """
module: sns_topic
short_description: Manages AWS SNS topics and subscriptions
description:
- The C(sns_topic) module allows you to create, delete, and manage subscriptions for AWS SNS topics. As of 2.6,
this module can be use to subscribe and unsubscribe to topics outside of your AWS account.
- The M(sns_topic) module allows you to create, delete, and manage subscriptions for AWS SNS topics.
- As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account.
version_added: 2.0
author:
- "Joel Thompson (@joelthompson)"
@ -26,22 +26,27 @@ author:
options:
name:
description:
- The name or ARN of the SNS topic to manage
required: True
- The name or ARN of the SNS topic to manage.
required: true
type: str
state:
description:
- Whether to create or destroy an SNS topic
- Whether to create or destroy an SNS topic.
default: present
choices: ["absent", "present"]
type: str
display_name:
description:
- Display name of the topic
- Display name of the topic.
type: str
policy:
description:
- Policy to apply to the SNS topic
- Policy to apply to the SNS topic.
type: dict
delivery_policy:
description:
- Delivery policy to apply to the SNS topic
- Delivery policy to apply to the SNS topic.
type: dict
subscriptions:
description:
- List of subscriptions to apply to the topic. Note that AWS requires
@ -49,11 +54,13 @@ options:
subscriptions.
suboptions:
endpoint:
description: Endpoint of subscription
required: yes
description: Endpoint of subscription.
required: true
protocol:
description: Protocol of subscription
required: yes
description: Protocol of subscription.
required: true
type: list
elements: dict
default: []
purge_subscriptions:
description:
@ -62,7 +69,7 @@ options:
exist and would be purged, they are silently skipped. This means that
somebody could come back later and confirm the subscription. Sorry.
Blame Amazon."
default: 'yes'
default: true
type: bool
extends_documentation_fragment:
- aws

@ -28,37 +28,46 @@ requirements:
options:
state:
description:
- Create or delete the queue
- Create or delete the queue.
required: false
choices: ['present', 'absent']
default: 'present'
type: str
name:
description:
- Name of the queue.
required: true
type: str
default_visibility_timeout:
description:
- The default visibility timeout in seconds.
type: int
message_retention_period:
description:
- The message retention period in seconds.
type: int
maximum_message_size:
description:
- The maximum message size in bytes.
type: int
delivery_delay:
description:
- The delivery delay in seconds.
type: int
receive_message_wait_time:
description:
- The receive message wait time in seconds.
type: int
policy:
description:
- The json dict policy to attach to queue
- The JSON dict policy to attach to queue.
version_added: "2.1"
type: dict
redrive_policy:
description:
- json dict with the redrive_policy (see example)
- JSON dict with the redrive_policy (see example).
version_added: "2.2"
type: dict
extends_documentation_fragment:
- aws
- ec2

@ -16,7 +16,7 @@ DOCUMENTATION = '''
module: sts_assume_role
short_description: Assume a role using AWS Security Token Service and obtain temporary credentials
description:
- Assume a role using AWS Security Token Service and obtain temporary credentials
- Assume a role using AWS Security Token Service and obtain temporary credentials.
version_added: "2.0"
author:
- Boris Ekelchik (@bekelchik)
@ -27,27 +27,34 @@ options:
- The Amazon Resource Name (ARN) of the role that the caller is
assuming U(https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs).
required: true
type: str
role_session_name:
description:
- Name of the role's session - will be used by CloudTrail
- Name of the role's session - will be used by CloudTrail.
required: true
type: str
policy:
description:
- Supplemental policy to use in addition to assumed role's policies.
type: str
duration_seconds:
description:
- The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
The max depends on the IAM role's sessions duration setting.
By default, the value is set to 3600 seconds.
- The max depends on the IAM role's sessions duration setting.
- By default, the value is set to 3600 seconds.
type: int
external_id:
description:
- A unique identifier that is used by third parties to assume a role in their customers' accounts.
type: str
mfa_serial_number:
description:
- The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
type: str
mfa_token:
description:
- The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
type: str
notes:
- In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token.
extends_documentation_fragment:
@ -156,8 +163,8 @@ def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
role_arn=dict(required=True, default=None),
role_session_name=dict(required=True, default=None),
role_arn=dict(required=True),
role_session_name=dict(required=True),
duration_seconds=dict(required=False, default=None, type='int'),
external_id=dict(required=False, default=None),
policy=dict(required=False, default=None),

@ -16,7 +16,7 @@ DOCUMENTATION = '''
module: sts_session_token
short_description: Obtain a session token from the AWS Security Token Service
description:
- Obtain a session token from the AWS Security Token Service
- Obtain a session token from the AWS Security Token Service.
version_added: "2.2"
author: Victor Costan (@pwnall)
options:
@ -25,12 +25,15 @@ options:
- The duration, in seconds, of the session token.
See U(https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters)
for acceptable and default values.
type: int
mfa_serial_number:
description:
- The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
type: str
mfa_token:
description:
- The value provided by the MFA device, if the trust policy of the user requires MFA.
type: str
notes:
- In order to use the session token in a following playbook task you must pass the I(access_key), I(access_secret) and I(access_token).
extends_documentation_fragment:

@ -596,103 +596,6 @@ lib/ansible/modules/cloud/amazon/ec2_vol.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/ec2_vol_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/ec2_win_password.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/ec2_win_password.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/execute_lambda.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/execute_lambda.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/execute_lambda.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/execute_lambda.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/execute_lambda.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/iam_policy.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/iam_policy.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/iam_policy.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/amazon/iam_policy.py validate-modules:doc-default-incompatible-type
lib/ansible/modules/cloud/amazon/iam_policy.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/iam_policy.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/iam_role.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/iam_role.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/iam_role.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/iam_role_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/kinesis_stream.py pylint:blacklisted-name
lib/ansible/modules/cloud/amazon/kinesis_stream.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/amazon/kinesis_stream.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/kinesis_stream.py validate-modules:doc-choices-do-not-match-spec
lib/ansible/modules/cloud/amazon/kinesis_stream.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/kinesis_stream.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lambda.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/lambda.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/lambda.py validate-modules:nonexistent-parameter-documented
lib/ansible/modules/cloud/amazon/lambda.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/lambda.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lambda_alias.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/amazon/lambda_alias.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/lambda_alias.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lambda_event.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/amazon/lambda_event.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/lambda_event.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/_lambda_facts.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/_lambda_facts.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/_lambda_facts.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lambda_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/lambda_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/lambda_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lambda_policy.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/lambda_policy.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/lambda_policy.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/lambda_policy.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/lightsail.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/rds.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/rds.py validate-modules:doc-default-incompatible-type
lib/ansible/modules/cloud/amazon/rds.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/rds.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/rds_instance_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/rds_instance_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/rds_instance_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/rds_instance_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/rds_param_group.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/rds_param_group.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/rds_param_group.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/rds_param_group.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/rds_param_group.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/rds_snapshot.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/rds_snapshot.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/rds_snapshot_info.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/rds_snapshot_info.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/rds_snapshot_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/redshift.py validate-modules:undocumented-parameter
lib/ansible/modules/cloud/amazon/redshift.py validate-modules:doc-choices-do-not-match-spec
lib/ansible/modules/cloud/amazon/redshift.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/redshift.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/redshift_cross_region_snapshots.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/redshift_cross_region_snapshots.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/redshift_cross_region_snapshots.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/redshift_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/redshift_subnet_group.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/redshift_subnet_group.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/redshift_subnet_group.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/route53.py validate-modules:doc-choices-do-not-match-spec
lib/ansible/modules/cloud/amazon/route53.py validate-modules:doc-default-incompatible-type
lib/ansible/modules/cloud/amazon/route53.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/route53.py validate-modules:return-syntax-error
lib/ansible/modules/cloud/amazon/route53_health_check.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/route53_health_check.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/route53_health_check.py validate-modules:doc-default-does-not-match-spec
lib/ansible/modules/cloud/amazon/route53_health_check.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/route53_health_check.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/route53_info.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/route53_info.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/route53_zone.py future-import-boilerplate
lib/ansible/modules/cloud/amazon/route53_zone.py metaclass-boilerplate
lib/ansible/modules/cloud/amazon/route53_zone.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/sns.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/sns.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/sns_topic.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/sns_topic.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/sqs_queue.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/sqs_queue.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/sts_assume_role.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/amazon/sts_assume_role.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/sts_assume_role.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/amazon/sts_session_token.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/amazon/sts_session_token.py validate-modules:doc-missing-type
lib/ansible/modules/cloud/atomic/atomic_container.py validate-modules:no-default-for-required-parameter
lib/ansible/modules/cloud/atomic/atomic_container.py validate-modules:parameter-type-not-in-doc
lib/ansible/modules/cloud/atomic/atomic_container.py validate-modules:doc-missing-type
@ -6113,8 +6016,6 @@ test/units/plugins/test_plugins.py pylint:blacklisted-name
test/units/template/test_templar.py pylint:blacklisted-name
test/units/test_constants.py future-import-boilerplate
test/units/test_context.py future-import-boilerplate
test/units/utils/amazon_placebo_fixtures.py future-import-boilerplate
test/units/utils/amazon_placebo_fixtures.py metaclass-boilerplate
test/units/utils/fixtures/collections/ansible_collections/my_namespace/my_collection/plugins/action/my_action.py future-import-boilerplate
test/units/utils/fixtures/collections/ansible_collections/my_namespace/my_collection/plugins/action/my_action.py metaclass-boilerplate
test/units/utils/fixtures/collections/ansible_collections/my_namespace/my_collection/plugins/module_utils/my_other_util.py future-import-boilerplate

@ -1,3 +1,6 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import errno
import os
import time

Loading…
Cancel
Save