2019-08-22 15:25:25 +02:00
|
|
|
- module_defaults:
|
|
|
|
group/aws:
|
2018-10-17 19:56:13 +02:00
|
|
|
aws_access_key: "{{ aws_access_key }}"
|
|
|
|
aws_secret_key: "{{ aws_secret_key }}"
|
2019-08-22 15:25:25 +02:00
|
|
|
security_token: "{{ security_token | default(omit) }}"
|
2018-10-17 19:56:13 +02:00
|
|
|
region: "{{ aws_region }}"
|
2019-08-22 15:25:25 +02:00
|
|
|
block:
|
|
|
|
- name: set iam password policy
|
|
|
|
iam_password_policy:
|
|
|
|
state: present
|
|
|
|
min_pw_length: 8
|
|
|
|
require_symbols: false
|
|
|
|
require_numbers: true
|
|
|
|
require_uppercase: true
|
|
|
|
require_lowercase: true
|
|
|
|
allow_pw_change: true
|
|
|
|
pw_max_age: 60
|
|
|
|
pw_reuse_prevent: 5
|
|
|
|
pw_expire: false
|
|
|
|
register: result
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: assert that changes were made
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.changed
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: verify iam password policy has been created
|
|
|
|
iam_password_policy:
|
|
|
|
state: present
|
|
|
|
min_pw_length: 8
|
|
|
|
require_symbols: false
|
|
|
|
require_numbers: true
|
|
|
|
require_uppercase: true
|
|
|
|
require_lowercase: true
|
|
|
|
allow_pw_change: true
|
|
|
|
pw_max_age: 60
|
|
|
|
pw_reuse_prevent: 5
|
|
|
|
pw_expire: false
|
|
|
|
register: result
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: assert that no changes were made
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- not result.changed
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: update iam password policy with different settings
|
|
|
|
iam_password_policy:
|
|
|
|
state: present
|
|
|
|
min_pw_length: 15
|
|
|
|
require_symbols: true
|
|
|
|
require_numbers: true
|
|
|
|
require_uppercase: true
|
|
|
|
require_lowercase: true
|
|
|
|
allow_pw_change: true
|
|
|
|
pw_max_age: 30
|
|
|
|
pw_reuse_prevent: 10
|
|
|
|
pw_expire: true
|
|
|
|
register: result
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: assert that updates were made
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.changed
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
# Test for regression of #59102
|
|
|
|
- name: update iam password policy without expiry
|
|
|
|
iam_password_policy:
|
|
|
|
state: present
|
|
|
|
min_pw_length: 15
|
|
|
|
require_symbols: true
|
|
|
|
require_numbers: true
|
|
|
|
require_uppercase: true
|
|
|
|
require_lowercase: true
|
|
|
|
allow_pw_change: true
|
|
|
|
register: result
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: assert that changes were made
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.changed
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: remove iam password policy
|
|
|
|
iam_password_policy:
|
|
|
|
state: absent
|
|
|
|
register: result
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: assert password policy has been removed
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- result.changed
|
2018-10-17 19:56:13 +02:00
|
|
|
|
2019-08-22 15:25:25 +02:00
|
|
|
- name: verify password policy has been removed
|
|
|
|
iam_password_policy:
|
|
|
|
state: absent
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- name: assert no changes were made
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- not result.changed
|
|
|
|
always:
|
|
|
|
- name: remove iam password policy
|
|
|
|
iam_password_policy:
|
|
|
|
state: absent
|
|
|
|
register: result
|