--- # ============================================================ - name: set up aws connection info set_fact: aws_connection_info: &aws_connection_info aws_access_key: "{{ aws_access_key }}" aws_secret_key: "{{ aws_secret_key }}" security_token: "{{ security_token }}" region: "{{ aws_region }}" no_log: yes - name: test register email identity block: - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info register: result - name: assert changed is True assert: that: - result.changed == True - import_tasks: assert_defaults.yaml vars: identity: "{{ email_identity }}" always: - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test register domain identity block: - name: register domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: present <<: *aws_connection_info register: result - name: assert changed is True assert: that: - result.changed == True - import_tasks: assert_defaults.yaml vars: identity: "{{ domain_identity }}" - name: assert verification_attributes.verification_token is defined assert: that: - result.verification_attributes.verification_token always: - name: cleanup domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test email_identity unchanged when already existing block: - name: register identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info - name: duplicate register identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info register: result - name: assert changed is False assert: that: - result.changed == False - import_tasks: assert_defaults.yaml vars: identity: "{{ email_identity }}" always: - name: cleanup identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test domain_identity unchanged when already existing block: - name: register identity aws_ses_identity: identity: "{{ domain_identity }}" state: present <<: *aws_connection_info - name: duplicate register identity aws_ses_identity: identity: "{{ domain_identity }}" state: present <<: *aws_connection_info register: result - name: assert changed is False assert: that: - result.changed == False - import_tasks: assert_defaults.yaml vars: identity: "{{ domain_identity }}" always: - name: cleanup identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test register email identity check mode block: - name: register email identity check mode aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info register: result check_mode: True - name: assert changed is True assert: that: - result.changed == True - import_tasks: assert_defaults.yaml vars: identity: "{{ email_identity }}" always: - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info register: result - name: assert nothing to clean up since check mode assert: that: - result.changed == False # ============================================================ - name: test register domain identity check mode block: - name: register domain identity check mode aws_ses_identity: identity: "{{ domain_identity }}" state: present <<: *aws_connection_info register: result check_mode: True - name: assert changed is True assert: that: - result.changed == True - import_tasks: assert_defaults.yaml vars: identity: "{{ domain_identity }}" always: - name: cleanup domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info register: result - name: assert nothing to clean up since check mode assert: that: - result.changed == False # ============================================================ - name: remove non-existent email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info register: result - name: assert changed is False assert: that: - result.changed == False # ============================================================ - name: remove non-existent domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info register: result - name: assert changed is False assert: that: - result.changed == False # ============================================================ - name: test remove email identity check mode block: - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info register: result - name: remove email identity check mode aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info register: result check_mode: True - name: assert changed is True assert: that: - result.changed == True always: - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info register: result - name: assert something to clean up since remove was check mode assert: that: - result.changed == True # ============================================================ - name: test remove domain identity check mode block: - name: register domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: present <<: *aws_connection_info register: result - name: remove domain identity check mode aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info register: result check_mode: True - name: assert changed is True assert: that: - result.changed == True always: - name: cleanup domain identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info register: result - name: assert something to clean up since remove was check mode assert: that: - result.changed == True # ============================================================ - name: test set notification queues block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: present <<: *aws_connection_info register: topic_info with_items: - bounce - complaint - delivery - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: topic: "{{ topic_info.results[0].sns_arn }}" complaint_notifications: topic: "{{ topic_info.results[1].sns_arn }}" delivery_notifications: topic: "{{ topic_info.results[2].sns_arn }}" <<: *aws_connection_info register: result - name: assert notification settings assert: that: - result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn - result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn - result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn - name: assert notification headers unchanged assert: that: - result.notification_attributes.headers_in_bounce_notifications_enabled == False - result.notification_attributes.headers_in_complaint_notifications_enabled == False - result.notification_attributes.headers_in_delivery_notifications_enabled == False always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: absent <<: *aws_connection_info with_items: - bounce - complaint - delivery - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test change notification queues after create block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: present <<: *aws_connection_info register: topic_info with_items: - bounce - complaint - delivery - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info - name: set notification topics aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: topic: "{{ topic_info.results[0].sns_arn }}" complaint_notifications: topic: "{{ topic_info.results[1].sns_arn }}" delivery_notifications: topic: "{{ topic_info.results[2].sns_arn }}" <<: *aws_connection_info register: result - name: assert changed is True assert: that: - result.changed == True - name: assert notification settings assert: that: - result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn - result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn - result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: absent <<: *aws_connection_info with_items: - bounce - complaint - delivery - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test change notification settings check mode block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: present <<: *aws_connection_info register: topic_info with_items: - bounce - complaint - delivery - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info - name: set notification settings check mode aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: topic: "{{ topic_info.results[0].sns_arn }}" include_headers: Yes complaint_notifications: topic: "{{ topic_info.results[1].sns_arn }}" include_headers: Yes delivery_notifications: topic: "{{ topic_info.results[2].sns_arn }}" include_headers: Yes feedback_forwarding: No <<: *aws_connection_info register: result check_mode: True - name: assert changed is True assert: that: - result.changed == True - name: assert notification settings assert: that: - result.notification_attributes.bounce_topic == topic_info.results[0].sns_arn - result.notification_attributes.headers_in_bounce_notifications_enabled == True - result.notification_attributes.delivery_topic == topic_info.results[2].sns_arn - result.notification_attributes.headers_in_delivery_notifications_enabled == True - result.notification_attributes.complaint_topic == topic_info.results[1].sns_arn - result.notification_attributes.headers_in_complaint_notifications_enabled == True - result.notification_attributes.forwarding_enabled == False - name: re-register base email identity aws_ses_identity: identity: "{{ email_identity }}" state: present <<: *aws_connection_info register: result - name: assert no change since notifications were check mode assert: that: - result.changed == False - "'bounce_topic' not in result.notification_attributes" - result.notification_attributes.headers_in_bounce_notifications_enabled == False - "'delivery_topic' not in result.notification_attributes" - result.notification_attributes.headers_in_delivery_notifications_enabled == False - "'complaint_topic' not in result.notification_attributes" - result.notification_attributes.headers_in_complaint_notifications_enabled == False - result.notification_attributes.forwarding_enabled == True always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: absent <<: *aws_connection_info with_items: - bounce - complaint - delivery - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test include headers on notification queues block: - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: include_headers: Yes complaint_notifications: include_headers: Yes delivery_notifications: include_headers: Yes <<: *aws_connection_info register: result - name: assert notification headers enabled assert: that: - result.notification_attributes.headers_in_bounce_notifications_enabled == True - result.notification_attributes.headers_in_complaint_notifications_enabled == True - result.notification_attributes.headers_in_delivery_notifications_enabled == True always: - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test disable feedback forwarding block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: present <<: *aws_connection_info register: topic_info with_items: - bounce - complaint - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: topic: "{{ topic_info.results[0].sns_arn }}" complaint_notifications: topic: "{{ topic_info.results[1].sns_arn }}" feedback_forwarding: No <<: *aws_connection_info register: result - name: assert feedback_forwarding == False assert: that: - result.notification_attributes.forwarding_enabled == False always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-{{ item }}" state: absent <<: *aws_connection_info with_items: - bounce - complaint - name: cleanup email identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test disable feedback forwarding fails if no topics block: - name: register identity aws_ses_identity: identity: "{{ domain_identity }}" state: present feedback_forwarding: No <<: *aws_connection_info register: result failed_when: result.failed == False - name: assert error message starts with "Invalid Parameter Value" assert: that: - '"Invalid Parameter Value" in result.msg' always: - name: cleanup identity aws_ses_identity: identity: "{{ domain_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test disable feedback forwarding fails if no complaint topic block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-bounce" state: present <<: *aws_connection_info register: topic_info - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present bounce_notifications: topic: "{{ topic_info.sns_arn }}" feedback_forwarding: No <<: *aws_connection_info register: result failed_when: result.failed == False - name: assert error message starts with "Invalid Parameter Value" assert: that: - '"Invalid Parameter Value" in result.msg' always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-bounce" state: absent <<: *aws_connection_info - name: cleanup identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info # ============================================================ - name: test disable feedback forwarding fails if no bounce topic block: - name: test topic sns_topic: name: "{{ notification_queue_name }}-complaint" state: present <<: *aws_connection_info register: topic_info - name: register email identity aws_ses_identity: identity: "{{ email_identity }}" state: present complaint_notifications: topic: "{{ topic_info.sns_arn }}" feedback_forwarding: No <<: *aws_connection_info register: result failed_when: result.failed == False - name: assert error message starts with "Invalid Parameter Value" assert: that: - '"Invalid Parameter Value" in result.msg' always: - name: cleanup topics sns_topic: name: "{{ notification_queue_name }}-complaint" state: absent <<: *aws_connection_info - name: cleanup identity aws_ses_identity: identity: "{{ email_identity }}" state: absent <<: *aws_connection_info