add module cloudformation_exports (#67349)

* add module cloudformation_exports

* add RETURN, add aliases group, clean up yaml

* update return value. uncomment security_token. remove cloudformation shortcut

* fix typo

* try to delete test stack

* rename stack

* add cleanup and assert. try to set stack name with variable

* create s3 bucket instead

* set bucket name

* add tests, remove unsed key and import, add iam role, add to module_defaults

* import exceptions, fix assert syntax

* fix assert

* Update test/integration/targets/cloudformation_exports/tasks/main.yml

Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>

* fix export name

* renamed module

Co-authored-by: Jill R <4121322+jillr@users.noreply.github.com>

hacking/aws_config/testing_policies/devops-policy.json

@@ -27,6 +27,7 @@
           "cloudformation:GetStackPolicy",
           "cloudformation:GetTemplate",
           "cloudformation:ListChangeSets",
+          "cloudformation:ListExports",
           "cloudformation:ListStackResources",
           "cloudformation:UpdateStack",
           "cloudformation:UpdateTerminationProtection"

lib/ansible/config/module_defaults.yml

@@ -119,6 +119,8 @@ groupings:
   - aws
   cloudformation:
   - aws
+  cloudformation_exports_info:
+  - aws
   cloudformation_facts:
   - aws
   cloudformation_info:

lib/ansible/modules/cloud/amazon/cloudformation_exports_info.py

@@ -0,0 +1,87 @@
+#!/usr/bin/python
+# Copyright: Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+                    'status': ['preview'],
+                    'supported_by': 'community'}
+
+DOCUMENTATION = '''
+module: cloudformation_exports_info
+short_description: Read a value from CloudFormation Exports
+description:
+  - Module retrieves a value from CloudFormation Exports
+requirements: ['boto3 >= 1.11.15']
+version_added: "2.10"
+author:
+  - "Michael Moyle (@mmoyle)"
+extends_documentation_fragment:
+    - aws
+    - ec2
+'''
+
+EXAMPLES = '''
+- name: Get Exports
+  cloudformation_exports_info:
+    profile: 'my_aws_profile'
+    region: 'my_region'
+  register: cf_exports
+- debug:
+    msg: "{{ cf_exports }}"
+'''
+
+RETURN = '''
+export_items:
+    description: A dictionary of Exports items names and values.
+    returned: Always
+    type: dict
+'''
+
+from ansible.module_utils.aws.core import AnsibleAWSModule
+from ansible.module_utils.ec2 import AWSRetry
+
+try:
+    from botocore.exceptions import ClientError
+    from botocore.exceptions import BotoCoreError
+except ImportError:
+    pass  # handled by AnsibleAWSModule
+
+
+@AWSRetry.exponential_backoff()
+def list_exports(cloudformation_client):
+    '''Get Exports Names and Values and return in dictionary '''
+    list_exports_paginator = cloudformation_client.get_paginator('list_exports')
+    exports = list_exports_paginator.paginate().build_full_result()['Exports']
+    export_items = dict()
+
+    for item in exports:
+        export_items[item['Name']] = item['Value']
+
+    return export_items
+
+
+def main():
+    argument_spec = dict()
+    result = dict(
+        changed=False,
+        original_message=''
+    )
+
+    module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False)
+    cloudformation_client = module.client('cloudformation')
+
+    try:
+        result['export_items'] = list_exports(cloudformation_client)
+
+    except (ClientError, BotoCoreError) as e:
+        module.fail_json_aws(e)
+
+    result.update()
+    module.exit_json(**result)
+
+
+if __name__ == '__main__':
+    main()

test/integration/targets/cloudformation_exports_info/aliases

@@ -0,0 +1,2 @@
+cloud/aws
+shippable/aws/group3

test/integration/targets/cloudformation_exports_info/defaults/main.yml

@@ -0,0 +1 @@
+stack_name: "{{ resource_prefix }}"

test/integration/targets/cloudformation_exports_info/files/test_stack.yml

@@ -0,0 +1,24 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: Create some item in Exports
+Parameters:
+  TestParamValue:
+    Type: String
+    Description: A param Value to be placed in Exports
+  TestParamName:
+    Type: String
+    Description: A param Name for SSM Parameter Store
+  BucketSuffix:
+    Type: String
+Resources:
+  TestBucket:
+    Type: AWS::S3::Bucket
+    Properties:
+      BucketName:
+        Fn::Sub: "cf-export-${BucketSuffix}"
+Outputs:
+  TestParamValue:
+    Value:
+      Ref: TestParamValue
+    Export:
+      Name:
+        Fn::Sub: "${TestParamName}"

test/integration/targets/cloudformation_exports_info/tasks/main.yml

@@ -0,0 +1,39 @@
+- name: set connection information for aws modules and run tasks
+  module_defaults:
+    group/aws:
+      aws_access_key: "{{ aws_access_key }}"
+      aws_secret_key: "{{ aws_secret_key }}"
+      security_token: "{{ security_token | default(omit) }}"
+      region: "{{ aws_region }}"
+
+  block:
+    - name: Create a minimal stack with an export set by parameter
+      cloudformation:
+        stack_name: "{{ stack_name }}"
+        template_body: "{{ lookup('file','test_stack.yml') }}"
+        template_parameters:
+          TestParamName: "cf-exports-param"
+          TestParamValue: "Set By CF Exports"
+          BucketSuffix: "{{ resource_prefix }}"
+      register: cf_stack
+    - name: Read from Exports
+      cloudformation_exports_info:
+        region: "{{ aws_region }}"
+      register: exports_result
+    - set_fact:
+        export_items: "{{ exports_result['export_items'] }}"
+    - assert:
+        that:
+          - export_items is defined
+          - export_items['cf-exports-param'] is defined
+          # - export_items | length == 1
+
+
+# Cleanup
+  always:
+
+    - name: delete stack
+      cloudformation:
+        stack_name: "{{ stack_name }}"
+        state: absent
+      ignore_errors: yes