parent
17b7023e64
commit
35745aff22
1 changed files with 26 additions and 1 deletions
|
@ -55,6 +55,11 @@ options:
|
|||
default: 100
|
||||
aliases: []
|
||||
version_added: "1.3"
|
||||
encrypted:
|
||||
description:
|
||||
- Enable encryption at rest for this volume.
|
||||
default: false
|
||||
version_added: "1.8"
|
||||
device_name:
|
||||
description:
|
||||
- device id to override device mapping. Assumes /dev/sdf for Linux/UNIX and /dev/xvdf for Windows.
|
||||
|
@ -178,6 +183,8 @@ EXAMPLES = '''
|
|||
import sys
|
||||
import time
|
||||
|
||||
from distutils.version import LooseVersion
|
||||
|
||||
try:
|
||||
import boto.ec2
|
||||
except ImportError:
|
||||
|
@ -230,12 +237,21 @@ def delete_volume(module, ec2):
|
|||
ec2.delete_volume(vol.id)
|
||||
module.exit_json(changed=True)
|
||||
|
||||
def boto_supports_volume_encryption():
|
||||
"""
|
||||
Check if Boto library supports encryption of EBS volumes (added in 2.29.0)
|
||||
|
||||
Returns:
|
||||
True if boto library has the named param as an argument on the request_spot_instances method, else False
|
||||
"""
|
||||
return hasattr(boto, 'Version') and LooseVersion(boto.Version) >= LooseVersion('2.29.0')
|
||||
|
||||
def create_volume(module, ec2, zone):
|
||||
name = module.params.get('name')
|
||||
id = module.params.get('id')
|
||||
instance = module.params.get('instance')
|
||||
iops = module.params.get('iops')
|
||||
encrypted = module.params.get('encrypted')
|
||||
volume_size = module.params.get('volume_size')
|
||||
snapshot = module.params.get('snapshot')
|
||||
# If custom iops is defined we use volume_type "io1" rather than the default of "standard"
|
||||
|
@ -265,7 +281,11 @@ def create_volume(module, ec2, zone):
|
|||
changed=False)
|
||||
else:
|
||||
try:
|
||||
volume = ec2.create_volume(volume_size, zone, snapshot, volume_type, iops)
|
||||
if boto_supports_volume_encryption():
|
||||
volume = ec2.create_volume(volume_size, zone, snapshot, volume_type, iops, encrypted)
|
||||
else:
|
||||
volume = ec2.create_volume(volume_size, zone, snapshot, volume_type, iops)
|
||||
|
||||
while volume.status != 'available':
|
||||
time.sleep(3)
|
||||
volume.update()
|
||||
|
@ -319,6 +339,7 @@ def main():
|
|||
name = dict(),
|
||||
volume_size = dict(),
|
||||
iops = dict(),
|
||||
encrypted = dict(),
|
||||
device_name = dict(),
|
||||
zone = dict(aliases=['availability_zone', 'aws_zone', 'ec2_zone']),
|
||||
snapshot = dict(),
|
||||
|
@ -332,6 +353,7 @@ def main():
|
|||
instance = module.params.get('instance')
|
||||
volume_size = module.params.get('volume_size')
|
||||
iops = module.params.get('iops')
|
||||
encrypted = module.params.get('encrypted')
|
||||
device_name = module.params.get('device_name')
|
||||
zone = module.params.get('zone')
|
||||
snapshot = module.params.get('snapshot')
|
||||
|
@ -367,6 +389,9 @@ def main():
|
|||
if id and name:
|
||||
module.fail_json(msg="Both id and name cannot be specified")
|
||||
|
||||
if encrypted and not boto_supports_volume_encryption():
|
||||
module.fail_json(msg="You must use boto >= v2.29.0 to use encrypted volumes")
|
||||
|
||||
# Here we need to get the zone info for the instance. This covers situation where
|
||||
# instance is specified but zone isn't.
|
||||
# Useful for playbooks chaining instance launch with volume create + attach and where the
|
||||
|
|
Loading…
Reference in a new issue