parent
b9d77b997e
commit
ddf6d096c5
6 changed files with 139 additions and 8 deletions
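--- a/hacking/aws_config/testing_policies/iam-policy.json
+++ b/hacking/aws_config/testing_policies/iam-policy.json
@@ -0,0 +1,17 @@
+{
+"Version": "2012-10-17",
+"Statement": [
+{
+"Sid": "AllowAccessToServerCertificates",
+"Effect": "Allow",
+"Action": [
+"iam:ListServerCertificates",
+"iam:UploadServerCertificate",
+"iam:UpdateServerCertificate",
+"iam:DeleteServerCertificate",
+"iam:GetServerCertificate"
+],
+"Resource": "*"
+}
+]
+}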
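Review bot: `"Resource": "*"` on the `AllowAccessToServerCertificates` statement lets the test credential upload, replace or delete every server certificate in the account, not only the fixture this test creates. `iam:ListServerCertificates` has to stay on `*`, but the Upload/Update/Delete/Get actions accept a server-certificate ARN, so they could move to a second statement with `"Resource": "arn:aws:iam::<ACCOUNT_ID>:server-certificate/<TEST_CERT_NAME>"` (placeholders; the integration task on this page names the certificate `test_cert`). That keeps a leaked or misused CI credential from touching production certificates that live in the same account.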
|
@ -103,7 +103,7 @@ EXAMPLES = '''
|
|||
- subnet-012345678
|
||||
- subnet-abcdef000
|
||||
listeners:
|
||||
- Protocol: TCP # Required. The protocol for connections from clients to the load balancer (Only TCP is available) (case-sensitive).
|
||||
- Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP or TLS) (case-sensitive).
|
||||
Port: 80 # Required. The port on which the load balancer is listening.
|
||||
DefaultActions:
|
||||
- Type: forward # Required. Only 'forward' is accepted at this time
|
||||
|
@ -117,7 +117,7 @@ EXAMPLES = '''
|
|||
- SubnetId: subnet-012345678
|
||||
AllocationId: eipalloc-aabbccdd
|
||||
listeners:
|
||||
- Protocol: TCP # Required. The protocol for connections from clients to the load balancer (Only TCP is available) (case-sensitive).
|
||||
- Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP or TLS) (case-sensitive).
|
||||
Port: 80 # Required. The port on which the load balancer is listening.
|
||||
DefaultActions:
|
||||
- Type: forward # Required. Only 'forward' is accepted at this time
|
||||
|
@ -402,8 +402,8 @@ def main():
|
|||
if listeners is not None:
|
||||
for listener in listeners:
|
||||
for key in listener.keys():
|
||||
if key == 'Protocol' and listener[key] != 'TCP':
|
||||
module.fail_json(msg="'Protocol' must be 'TCP'")
|
||||
if key == 'Protocol' and listener[key] not in ['TCP', 'TLS']:
|
||||
module.fail_json(msg="'Protocol' must be either 'TCP' or 'TLS'")
|
||||
|
||||
connection = module.client('elbv2')
|
||||
connection_ec2 = module.client('ec2')
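Review bot: The widened protocol check in `main()` accepts `'TLS'`, but nothing visible in this hunk verifies that a TLS listener also carries `Certificates`, so a playbook that omits it is presumably rejected only later by the AWS API with a less direct error. A guard beside the protocol check would fail early: `if listener.get('Protocol') == 'TLS' and not listener.get('Certificates'): module.fail_json(msg="'Certificates' is required when 'Protocol' is 'TLS'")`. The same lookup would let the `for key in listener.keys()` loop collapse to a single `listener.get('Protocol')` test. `main()` begins and continues outside the hunk, so an equivalent check may exist elsewhere; the EXAMPLES block could also show a TLS listener with `Certificates` (and `SslPolicy` when a specific TLS policy is wanted rather than the AWS default).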
|
||||
|
|
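--- a/test/integration/targets/elb_network_lb/files/cert.pem
+++ b/test/integration/targets/elb_network_lb/files/cert.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFiTCCA3GgAwIBAgIJAKE+XLUKdWtPMA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxFDASBgNVBAMMC2V4YW1wbGUuY29tMB4XDTE5MDYxNDEx
+MzIzM1oXDTIwMDYxMzExMzIzM1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNv
+bWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIG
+A1UEAwwLZXhhbXBsZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDOFNh5eQ6+9tYvtzjrqvFDzPoXmZuOFeqFS7iBH4gLorvmQQIQcVEAH7O+tkhW
+Z8+6PgvXXd43GFtEbY8jZoBQwupl7lIdzywFRoyZYkREXodmDixkwxlPvUWdrb3r
+ZDRON6qIbX8LrzTPD1+JL4Rtkgr1RTlLrHT3ABEqEV1fQODOdbRd7rq6fmqwPlbl
+zS5kN3RPFuJVDZrnCPcEMOA3QftQgDTzyOlZJYWDZsJxel7H/O9qZjPBTitNJxg1
+ierPaIXT6u6CdWA0A7t3Knyn2+vcyvemjsbQg9v/U5zKR3h+6F0slqgOT/ZnrEos
+AzxdeaA5POJFy6xCHZiVgsE7OVaPB9imWrrAYbKsHVLP2rdlhnGZQnnebmTYCll5
+SvXWCIr5vp4i1qxIa95QBU/xmEY6kTy9GjAOSmYXj7UnwnBZwgEop0yUdBMb4s9G
+x8S6Yxaj1DZVyiyrzInBri9lqabkPLPQNaK7wTKN5zl7r5pSCsF8rl4R+mvcxyyY
+dS+cqseGjn98ubdd/vyQWqLbQtr5Njk4ROs5Rv6/2z/RUFdwsqB5aXztxOs3J7aJ
+5ScTgmoK+wkQY+tej6H5pgT02vKuXLwe4wHKKAYepgH7Azkm7XoFlHhBEUy+uUsI
+PMBm2Meo1JzOc8E5QqLX2YO/MDiZhI+NYOMJF0/huWqM7wIDAQABo1AwTjAdBgNV
+HQ4EFgQU3cPtQEUQYkj4lTM5fbdkd8FSVVIwHwYDVR0jBBgwFoAU3cPtQEUQYkj4
+lTM5fbdkd8FSVVIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEACWQX
+CJK6f+/Zci1e7Gvw0gd+1xV8jbz2lH2zOGSpoQ6UCRVrANEX+p0nZZRpnTTrJfGa
+Yx+TjIJ4SSoaCud+N2IGXWxzuMan+NskyycTaHSA/i6OwZ8jKki/iVvE5XQN+gHw
+h5lWnEh5PiGG91lYi+FShUN0DX7Su776UK3mloLlq+ANCubWxDycWc0xBNH8iD2U
+xBV7MfuCX9rSei+2NU+hnOPrzh0OKNGOTSPHY1N1KU3grxTLTpF8PTMHC55sEy2E
+EMokRb3V/lFyrfX755KT5cQG6uQKQorI95BoxoNjeek54tuBUjenLfOH6dMO/6Xd
+WaouLXiDM73fwFI0ByQ5CTJizC0ehoZtv2XB7yjZJEuI7zz4wXBBwgNlBV2j4aJJ
+0wNG9210ZC7NxNH7MRfZfzLQpsOMTm9UP85TXsB1ieaN6OD2CnHP9O6umy633Aie
+dsQt5yaC9+N86NBceb44IlkqlTv720BQjq7Dz5UCthhNg0VYpICzymD9kAKPfx9Z
+1ug2gB4i2r6eHqFIexwSfa29DxW+KEPlL7pP9P9FVsYNyZYOvX8OgVERkA/9L53i
+MpzRPPzTyjW/sJcDWVfrQU0NhPj5lOxdMcbvvU+KD3afraUXPiN4N4+FFWENOFZ/
+HEKjPj+As/3OHNyUXrCciYjq6gCLZ6SV945l2h8=
+-----END CERTIFICATE-----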
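Review bot: This fixture is a static self-signed certificate, and its encoded validity fields appear to give it a one-year lifetime (notBefore 2019-06-14, notAfter 2020-06-13), so after that date the `create certificate` task would be uploading an expired certificate and the target may start failing for reasons unrelated to the module. Generating the key pair and certificate during test setup, for example with the `openssl_privatekey`, `openssl_csr` and `openssl_certificate` modules, removes the expiry cliff. If the static file is kept, the target should at least record the expiry date somewhere a maintainer will see it.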
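--- a/test/integration/targets/elb_network_lb/files/key.pem
+++ b/test/integration/targets/elb_network_lb/files/key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDOFNh5eQ6+9tYv
+tzjrqvFDzPoXmZuOFeqFS7iBH4gLorvmQQIQcVEAH7O+tkhWZ8+6PgvXXd43GFtE
+bY8jZoBQwupl7lIdzywFRoyZYkREXodmDixkwxlPvUWdrb3rZDRON6qIbX8LrzTP
+D1+JL4Rtkgr1RTlLrHT3ABEqEV1fQODOdbRd7rq6fmqwPlblzS5kN3RPFuJVDZrn
+CPcEMOA3QftQgDTzyOlZJYWDZsJxel7H/O9qZjPBTitNJxg1ierPaIXT6u6CdWA0
+A7t3Knyn2+vcyvemjsbQg9v/U5zKR3h+6F0slqgOT/ZnrEosAzxdeaA5POJFy6xC
+HZiVgsE7OVaPB9imWrrAYbKsHVLP2rdlhnGZQnnebmTYCll5SvXWCIr5vp4i1qxI
+a95QBU/xmEY6kTy9GjAOSmYXj7UnwnBZwgEop0yUdBMb4s9Gx8S6Yxaj1DZVyiyr
+zInBri9lqabkPLPQNaK7wTKN5zl7r5pSCsF8rl4R+mvcxyyYdS+cqseGjn98ubdd
+/vyQWqLbQtr5Njk4ROs5Rv6/2z/RUFdwsqB5aXztxOs3J7aJ5ScTgmoK+wkQY+te
+j6H5pgT02vKuXLwe4wHKKAYepgH7Azkm7XoFlHhBEUy+uUsIPMBm2Meo1JzOc8E5
+QqLX2YO/MDiZhI+NYOMJF0/huWqM7wIDAQABAoICAB3iqAH1rE3FPgptZ7PFdnd+
+okYJ4KUaSIhMEtWm3PPTBay+gK4hwL1j240sohDlvRolJVJ2KmOTBKlHuhpIIxOT
+MKrXhNEN2jRpproXpg7EJp6GL6ntIR6PNClJqOEaBvvQ1soyFtp67g2ZDSG34lyB
+cVVgVI7E07F+MP8IxaGqpu9J4n48wJeK/a3RXIi22KNv504Q44GyF2SpyCizbdCV
+oPxrm0I/QJfM+S+1Fz2doWEfLRkg+SBvVZg6sygQeBzb64xv5WbF3s2sPONrJeix
+2+KJDKD605ophR3h4jrzYmYFDH4K2xQ4RGOEeL0pOvfTS4kBa07z2mc8I4SLEbpi
+VzQblmftRvwye2eKk74GVhJho7Il6ssTL29TJxIyzEljVFrprILkmAVEV8SOn544
+pgSj6i7gDcav4OdhxldT6dk7PNqMq49p3acYzLtXCknlLkHOODEFH3BWP1oAWN6e
+m34kwPGFviKEIYkurWV0LGV9h/zLL3kxjdbgFyLY24jVbvWuJ9VeJkcHVgL3Rs1A
+5irHFpW9TSKYg+R8zLM50S5HRcnL0wV+hl02TcJbkjyVToFh5FeDdyIxN+sQnh+a
+b+g/IA+um2RbqjEUoaVxCdIo7/oPzzj0u8Pw5FvAedNM1a8sZiUJ/1CW7In8yRPC
+Nb5rONsL/eEHAJU9EWIBAoIBAQDnzEl7NUZ50wjqBTna69u9luxb6ixJM3o9asnY
+BXU90Bp7kl14WbHUmTPYGKoGIEKDmmKpA/LhGwD1vykjtHWkUcgGYYucXIBuzRb7
+hEcAa9qkce6Ik4HS8khRmmikNDu/t5zJU2tkgNuGVQlHvsjpJz/rdX857G5Cv8v7
+GSBL4aNxhp9OoMav3/XEUpRSoccR7WEAdfeTfiR4EgaIy864w4twxr2nLroB6SzN
+dYSPZ4hMkTS34ixzjO233QioAGiEnG22XyBA7DTB41EoRFIBcbPrCMqDONkNHbeO
+j25g4okNjK+7ihmIHZBP0awN+mlfNHnDXuJ6L2LCrxWHQQtHAoIBAQDjmS6h51/H
+gcBDUxot16M/7PPJZUbJ8y+qqPbaqu3ORADyvguE/Ww80we+8xeaOa5tVpVE6diZ
+tg5BfBGwltyCEwKDAG1g9/D3IVw3yE1AuxyG0+1q0/rTcdZl01PgGVwi+28YCLyO
+VxgyIvpGFwgQ9WV22l16JatyhsZLRIWFk78ECJO3v5X8KuCJLnKfcd9nkem9DXdS
+iKqiylOXzvIKGUe5HxeDd/itI8V8b8OTQQxM0jEwCOZQg1o1BNN0uEJo4dENkuYa
+dZyJFYe0ZsM5ZRm5HmcIYMlPejcYaINRX30TZHRNE/X+fCfrIwg0LmJxFVieFcc3
+Dc3ZU1K5T3UZAoIBAQDCAK3ji+RPY/xK+VLB0rOYSy/JggXMwmPl8XG79l14/aqc
+kBTg/JkkqZDFpWbwN6HTyawXb3GhS9uS0oqZEpl/jN8P0CZsGNN5aPd6TOysApj9
+F0ogTuzSY+t5OPWpsPns7L0xlzsD5AFXveZFgP1gfnQ2GqIAFcz22tXbc90fBVup
+UZYV1eRVIOnuhXsUachWTcno+9LZRDM7t0J2zbVX2HnlSsFCoo4VuVXBJEFtUKa4
+BrQLzyWLFIGFaF6tVaIkk1QT1iwFimxhdmLfg8bq5IJEDZiJGVQ4cQ3HKG6mchNp
+Hr2aBex2it/UnlUVYec9QotCpDCDORO8g5NOH3dTAoIBAQCJH9htqVYWgIESzvW9
+2ua7dAqpM0CEGeWFH8mik0s1c9lSZtfP51OYDdjj3dhBjjEeJQVIANAERCCwqYyK
+5UmzgLqJrO85dgiTDGFgJmkM7+7O+M5ZB6BeVn7C2KD3KrBNT0lupIzeAXFNe69o
+HSY5+W+JPSUGm72BAdxkqsL7aLm0N2qwUViPFlIztG1QzS25W7sEsSFL85VDAT1+
+ACvpk7OXwDjNd7G2tw+b2kZt6Mn9WsJR23rP1WO6/85ay00PncXzNKc4F9YY7YTW
+VveWE+h8lOmkrZN8M/kP1qAPncVgsqwzaCxUh/8Q9wlRTwT2dtLuY9ajv8hfAImd
+pla5AoIBAQCduiA3aZBDqGrUTH9bcMRtyU8RTlc2Y5+jFSBP4KfcS/ORoILVdvZz
+v+o0jw01keGAtW77Mq70ZCpc8HjOm8Ju8GYtwUGmPRS+hQaZwT8/QseF6q2Q+Bi5
+Wc0Lqa4YA0cI7XViJRhHIPfdV8YEEAW8rIAUqFSoAT6G7z/o0K4zlSa+2RbG0l1v
+zLWmJtF8OJfM8IboIyER0PHrWjNFzxKCJssu2WE7WT6/Rupus04XVXRR+Fb6DAGb
+yw2MpB3kLvjugQpolx4YbXE4n+F1mkqm9fHjo4fbfSwjmeFnPsRvRmiRTomHxq/s
+DUZ6eZM8TIlGhUrx/Y1TP0GQjKxDN6ZQ
+-----END PRIVATE KEY-----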
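Review bot: key.pem checks an unencrypted private key into the tree, so the same key material is readable by anyone with the repository and is uploaded unchanged to IAM in every account that runs this target. Even as a throwaway it will trip secret scanners and teaches the pattern of keeping keys beside tests. Creating the key in a setup task and writing it to a temporary directory for the run would avoid committing it at all. If the file must stay, the target should say explicitly that the key is public test material and must never be trusted outside this test.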
|
@ -9,6 +9,15 @@
|
|||
region: "{{ aws_region }}"
|
||||
no_log: yes
|
||||
|
||||
- name: create certificate
|
||||
iam_cert:
|
||||
name: test_cert
|
||||
state: present
|
||||
cert: "{{ lookup('file', 'cert.pem') }}"
|
||||
key: "{{ lookup('file', 'key.pem') }}"
|
||||
<<: *aws_connection_info
|
||||
register: cert
|
||||
|
||||
- name: create VPC
|
||||
ec2_vpc_net:
|
||||
cidr_block: 10.228.228.0/22
|
||||
|
@ -203,3 +212,10 @@
|
|||
delay: 5
|
||||
until: remove_vpc is success
|
||||
ignore_errors: yes
|
||||
|
||||
- name: destroy certificate
|
||||
iam_cert:
|
||||
name: test_cert
|
||||
state: absent
|
||||
<<: *aws_connection_info
|
||||
ignore_errors: yes
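Review bot: The certificate name `test_cert` is hard-coded in both the `create certificate` task and the `destroy certificate` cleanup, so two runs of this target against the same account share one IAM object, and the cleanup of one run can delete the certificate another run's TLS listener still references. Deriving the name from the per-run prefix, as is presumably done for `nlb_name` and `tg_name`, avoids the collision: `name: "{{ resource_prefix }}-cert"` in both tasks. A predictable per-run name pattern would also let the testing IAM policy be scoped to those certificates instead of `*`.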
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
region: "{{ aws_region }}"
|
||||
no_log: yes
|
||||
|
||||
- name: create NLB with a listener
|
||||
- name: create NLB with listeners
|
||||
elb_network_lb:
|
||||
name: "{{ nlb_name }}"
|
||||
subnets: "{{ nlb_subnets }}"
|
||||
|
@ -20,15 +20,22 @@
|
|||
DefaultActions:
|
||||
- Type: forward
|
||||
TargetGroupName: "{{ tg_name }}"
|
||||
- Protocol: TLS
|
||||
Port: 443
|
||||
Certificates:
|
||||
- CertificateArn: "{{ cert.arn }}"
|
||||
DefaultActions:
|
||||
- Type: forward
|
||||
TargetGroupName: "{{ tg_name }}"
|
||||
<<: *aws_connection_info
|
||||
register: nlb
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- nlb.changed
|
||||
- nlb.listeners|length == 1
|
||||
- nlb.listeners|length == 2
|
||||
|
||||
- name: test idempotence creating NLB with a listener
|
||||
- name: test idempotence creating NLB with listeners
|
||||
elb_network_lb:
|
||||
name: "{{ nlb_name }}"
|
||||
subnets: "{{ nlb_subnets }}"
|
||||
|
@ -39,10 +46,17 @@
|
|||
DefaultActions:
|
||||
- Type: forward
|
||||
TargetGroupName: "{{ tg_name }}"
|
||||
- Protocol: TLS
|
||||
Port: 443
|
||||
Certificates:
|
||||
- CertificateArn: "{{ cert.arn }}"
|
||||
DefaultActions:
|
||||
- Type: forward
|
||||
TargetGroupName: "{{ tg_name }}"
|
||||
<<: *aws_connection_info
|
||||
register: nlb
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- not nlb.changed
|
||||
- nlb.listeners|length == 1
|
||||
- nlb.listeners|length == 2
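Review bot: Both assertions only count listeners (`nlb.listeners|length == 2`), which still passes if the second listener comes back without TLS or without the certificate attached. A check on the returned listener would pin what the commit is meant to enable, e.g. `- nlb.listeners | selectattr('protocol', 'equalto', 'TLS') | list | length == 1`; the attribute name assumes the module returns snake_case keys, which this page does not show. The TLS listener also sets no `SslPolicy`, so the test exercises whatever policy AWS applies by default rather than a pinned one.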
|