diff --git a/lib/ansible/modules/cloud/amazon/iam_cert.py b/lib/ansible/modules/cloud/amazon/iam_cert.py
index 676fafb9049..767c7e03b46 100644
--- a/lib/ansible/modules/cloud/amazon/iam_cert.py
+++ b/lib/ansible/modules/cloud/amazon/iam_cert.py
@@ -138,7 +138,11 @@ def cert_meta(iam, name):
 server_certificate.\
 server_certificate_metadata.\
 expiration
- return opath, ocert, ocert_id, upload_date, exp
+ arn = iam.get_server_certificate(name).get_server_certificate_result.\
+ server_certificate.\
+ server_certificate_metadata.\
+ arn
+ return opath, ocert, ocert_id, upload_date, exp, arn
 
 def dup_check(module, iam, name, new_name, cert, orig_cert_names, orig_cert_bodies, dup_ok):
 update=False
@@ -159,6 +163,9 @@ def dup_check(module, iam, name, new_name, cert, orig_cert_names, orig_cert_bodi
 if slug_orig_cert_bodies == slug_cert:
 update=True
 break
+ elif slug_cert.startswith(slug_orig_cert_bodies):
+ update=True
+ break
 elif slug_orig_cert_bodies != slug_cert:
 module.fail_json(changed=False, msg='A cert with the name %s already exists and'
 ' has a different certificate body associated'
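Review bot: The added `arn` lookup in cert_meta issues a further `iam.get_server_certificate(name)` call only to read one more field of the same metadata object. Apart from the extra round-trip, the fields can then come from different responses (the earlier lookups are only partly visible, but appear to follow the same pattern), so a certificate replaced between calls could yield a tuple that mixes two objects. Fetching once, `meta = iam.get_server_certificate(name).get_server_certificate_result.server_certificate.server_certificate_metadata`, and then reading `arn = meta.arn` avoids both. The return value also grows from five to six items, so any caller not touched by this commit that unpacks five would raise ValueError; the start of cert_meta is outside the hunk.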
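Review bot: The new `startswith` branch in dup_check treats a supplied body as matching whenever it merely begins with the stored one, and that check passes for every input if `slug_orig_cert_bodies` is ever an empty string, so the mismatch `fail_json` below would never be reached. Whatever follows the matching prefix (presumably an appended chain) is also accepted without being compared to anything. Guard the branch with `elif slug_orig_cert_bodies and slug_cert.startswith(slug_orig_cert_bodies):` and state the intent in a comment such as `# supplied file may be leaf + chain; the stored body holds only the leaf`, if that is the case. How the two slugs are normalised, and the start and end of dup_check, are outside the hunk.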
@@ -181,34 +188,34 @@ def cert_action(module, iam, name, cpath, new_name, new_path, state, update = dup_check(module, iam, name, new_name, cert, orig_cert_names, orig_cert_bodies, dup_ok) if update: - opath, ocert, ocert_id, upload_date, exp = cert_meta(iam, name) + opath, ocert, ocert_id, upload_date, exp, arn = cert_meta(iam, name) changed=True if new_name and new_path: iam.update_server_cert(name, new_cert_name=new_name, new_path=new_path) module.exit_json(changed=changed, original_name=name, new_name=new_name, original_path=opath, new_path=new_path, cert_body=ocert, - upload_date=upload_date, expiration_date=exp) + upload_date=upload_date, expiration_date=exp, arn=arn) elif new_name and not new_path: iam.update_server_cert(name, new_cert_name=new_name) module.exit_json(changed=changed, original_name=name, new_name=new_name, cert_path=opath, cert_body=ocert, - upload_date=upload_date, expiration_date=exp) + upload_date=upload_date, expiration_date=exp, arn=arn) elif not new_name and new_path: iam.update_server_cert(name, new_path=new_path) module.exit_json(changed=changed, name=new_name, original_path=opath, new_path=new_path, cert_body=ocert, - upload_date=upload_date, expiration_date=exp) + upload_date=upload_date, expiration_date=exp, arn=arn) else: changed=False module.exit_json(changed=changed, name=name, cert_path=opath, cert_body=ocert, - upload_date=upload_date, expiration_date=exp, + upload_date=upload_date, expiration_date=exp, arn=arn, msg='No new path or name specified. 
No changes made') else: changed=True iam.upload_server_cert(name, cert, key, cert_chain=chain, path=cpath) - opath, ocert, ocert_id, upload_date, exp = cert_meta(iam, name) + opath, ocert, ocert_id, upload_date, exp, arn = cert_meta(iam, name) module.exit_json(changed=changed, name=name, cert_path=opath, cert_body=ocert, - upload_date=upload_date, expiration_date=exp) + upload_date=upload_date, expiration_date=exp, arn=arn) elif state == 'absent': if name in orig_cert_names: changed=True
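Review bot: In the three rename/move branches the `arn` passed to `exit_json` was read by `cert_meta(iam, name)` before `iam.update_server_cert(...)` ran. IAM server-certificate ARNs embed the path and name, so after a rename or path change the reported ARN most likely no longer identifies an existing resource, and a playbook that registers it for a listener or a policy would carry a dead reference. Re-read it after the update, for example `arn = cert_meta(iam, new_name or name)[-1]`, or return the pre-change value as `original_arn` next to the fresh one. cert_action begins and ends outside this hunk.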