From 52accd7d1fa5f9828627cd00fc3f7243e9916b4a Mon Sep 17 00:00:00 2001 From: Will Thames Date: Fri, 6 Nov 2015 19:02:00 +1000 Subject: [PATCH] Use connect_to_aws where possible `connect_to_aws` fixes a bug with security tokens in AWS. Modules should use that rather than calling `boto.x.connect_to_region` --- lib/ansible/modules/cloud/amazon/cloudformation.py | 5 +---- lib/ansible/modules/cloud/amazon/ec2.py | 2 +- lib/ansible/modules/cloud/amazon/ec2_vpc.py | 5 +---- lib/ansible/modules/cloud/amazon/iam.py | 2 +- lib/ansible/modules/cloud/amazon/iam_cert.py | 2 +- lib/ansible/modules/cloud/amazon/iam_policy.py | 2 +- lib/ansible/modules/cloud/amazon/rds_param_group.py | 2 +- lib/ansible/modules/cloud/amazon/rds_subnet_group.py | 2 +- lib/ansible/modules/cloud/amazon/s3.py | 3 ++- 9 files changed, 10 insertions(+), 15 deletions(-) diff --git a/lib/ansible/modules/cloud/amazon/cloudformation.py b/lib/ansible/modules/cloud/amazon/cloudformation.py index f04af81ab25..2f495e7a90c 100644 --- a/lib/ansible/modules/cloud/amazon/cloudformation.py +++ b/lib/ansible/modules/cloud/amazon/cloudformation.py @@ -312,10 +312,7 @@ def main(): stack_outputs = {} try: - cfn = boto.cloudformation.connect_to_region( - region, - **aws_connect_kwargs - ) + cfn = connect_to_aws(boto.cloudformation, region, **aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: module.fail_json(msg=str(e)) update = False diff --git a/lib/ansible/modules/cloud/amazon/ec2.py b/lib/ansible/modules/cloud/amazon/ec2.py index 75c991adf44..7700ba2e6f4 100755 --- a/lib/ansible/modules/cloud/amazon/ec2.py +++ b/lib/ansible/modules/cloud/amazon/ec2.py @@ -1387,7 +1387,7 @@ def main(): if region: try: - vpc = boto.vpc.connect_to_region(region, **aws_connect_kwargs) + vpc = connect_to_aws(boto.vpc, region, **aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: module.fail_json(msg = str(e)) else: diff --git a/lib/ansible/modules/cloud/amazon/ec2_vpc.py b/lib/ansible/modules/cloud/amazon/ec2_vpc.py index 75ffac49577..4bb93741d95 100644 --- a/lib/ansible/modules/cloud/amazon/ec2_vpc.py +++ b/lib/ansible/modules/cloud/amazon/ec2_vpc.py @@ -712,10 +712,7 @@ def main(): # If we have a region specified, connect to its endpoint. if region: try: - vpc_conn = boto.vpc.connect_to_region( - region, - **aws_connect_kwargs - ) + vpc_conn = connect_to_aws(boto.vpc, region, **aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: module.fail_json(msg = str(e)) else: diff --git a/lib/ansible/modules/cloud/amazon/iam.py b/lib/ansible/modules/cloud/amazon/iam.py index ab5867e7cb6..b919fb8f2e7 100644 --- a/lib/ansible/modules/cloud/amazon/iam.py +++ b/lib/ansible/modules/cloud/amazon/iam.py @@ -585,7 +585,7 @@ def main(): try: if region: - iam = boto.iam.connect_to_region(region, **aws_connect_kwargs) + iam = connect_to_aws(boto.iam, region, **aws_connect_kwargs) else: iam = boto.iam.connection.IAMConnection(**aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: diff --git a/lib/ansible/modules/cloud/amazon/iam_cert.py b/lib/ansible/modules/cloud/amazon/iam_cert.py index 24afd99c2a8..484ebaddec0 100644 --- a/lib/ansible/modules/cloud/amazon/iam_cert.py +++ b/lib/ansible/modules/cloud/amazon/iam_cert.py @@ -246,7 +246,7 @@ def main(): try: if region: - iam = boto.iam.connect_to_region(region, **aws_connect_kwargs) + iam = connect_to_aws(boto.iam, region, **aws_connect_kwargs) else: iam = boto.iam.connection.IAMConnection(**aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: diff --git a/lib/ansible/modules/cloud/amazon/iam_policy.py b/lib/ansible/modules/cloud/amazon/iam_policy.py index 81a8245b4ff..3522eb7ff8e 100644 --- a/lib/ansible/modules/cloud/amazon/iam_policy.py +++ b/lib/ansible/modules/cloud/amazon/iam_policy.py @@ -317,7 +317,7 @@ def main(): try: if region: - iam = boto.iam.connect_to_region(region, **aws_connect_kwargs) + iam = connect_to_aws(boto.iam, region, **aws_connect_kwargs) else: iam = boto.iam.connection.IAMConnection(**aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: diff --git a/lib/ansible/modules/cloud/amazon/rds_param_group.py b/lib/ansible/modules/cloud/amazon/rds_param_group.py index 96b115d781a..37e1870c384 100644 --- a/lib/ansible/modules/cloud/amazon/rds_param_group.py +++ b/lib/ansible/modules/cloud/amazon/rds_param_group.py @@ -245,7 +245,7 @@ def main(): module.fail_json(msg = str("Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.")) try: - conn = boto.rds.connect_to_region(region, **aws_connect_kwargs) + conn = connect_to_aws(boto.rds, region, **aws_connect_kwargs) except boto.exception.BotoServerError, e: module.fail_json(msg = e.error_message) diff --git a/lib/ansible/modules/cloud/amazon/rds_subnet_group.py b/lib/ansible/modules/cloud/amazon/rds_subnet_group.py index 3b998c34225..bc0655a652c 100644 --- a/lib/ansible/modules/cloud/amazon/rds_subnet_group.py +++ b/lib/ansible/modules/cloud/amazon/rds_subnet_group.py @@ -116,7 +116,7 @@ def main(): module.fail_json(msg = str("Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.")) try: - conn = boto.rds.connect_to_region(region, **aws_connect_kwargs) + conn = connect_to_aws(boto.rds, region, **aws_connect_kwargs) except boto.exception.BotoServerError, e: module.fail_json(msg = e.error_message) diff --git a/lib/ansible/modules/cloud/amazon/s3.py b/lib/ansible/modules/cloud/amazon/s3.py index 42c2cf64265..672bd9acb3e 100644 --- a/lib/ansible/modules/cloud/amazon/s3.py +++ b/lib/ansible/modules/cloud/amazon/s3.py @@ -459,7 +459,8 @@ def main(): walrus = urlparse.urlparse(s3_url).hostname s3 = boto.connect_walrus(walrus, **aws_connect_kwargs) else: - s3 = boto.s3.connect_to_region(location, is_secure=True, **aws_connect_kwargs) + aws_connect_args['is_secure'] = True + s3 = connect_to_aws(boto.s3, location, **aws_connect_args) # use this as fallback because connect_to_region seems to fail in boto + non 'classic' aws accounts in some cases if s3 is None: s3 = boto.connect_s3(**aws_connect_kwargs)