Allow security tokens and profiles to be used as arguments
to the 'common' ec2 modules
Mostly refactoring to provide two new methods,
`get_aws_connection_info`, which results in a dict that can be
passed through to the boto `connect_to_region` calls, and
`connect_to_aws` that can pass that dict through to the
`connect_to_region` method of the appropriate module.
Tidied up some variable names
Works around boto/boto#2100
profiles don't work with boto < 2.24, but this detects for that
and fails with an appropriate message. It is designed to work
if profile is not passed but boto < 2.24 is installed.
Modifications to allow empty aws auth variables to be passed
(this is useful if wanting to have the keys as an optional
parameter in ec2 calls - if set, use this value, if not set,
use boto config or env variables)
Reworked validate_certs improvements to work with refactoring
Added documentation for profile and security_token to affected modules
When disabled, the boto connection will be instantiated without validating
the SSL certificate from the target endpoint. This allows the modules to connect
to Eucalyptus instances running with self-signed certs without errors.
Fixes#3978
Refactor the currently well-factored ec2 modules (i.e. those that already use ec2_connect) to
have a common argument spec. The idea is that new modules can use this spec without duplication
of code, and that new functionality can be added to the ec2 connection code (e.g. security
token argument)
Line 276: no_reboot = dict(default=True, type="bool"),
This should really default to False (When AMIs are created the machine will reboot before copying the disk).
"When enabled, Amazon EC2 does not shut down the instance before creating the image. When this option is used, file system integrity on the created image cannot be guaranteed."
The `ec2_ami`, `ec2_elb`, `ec2_tag`, `ec2_vpc`, `route53`, and `s3` modules
all canonicalize the AWS access and secret key params as
`aws_access_key` and `aws_secret_key`. However, following the fixes for #4540,
those modules now use `get_ec2_creds` from `lib/ansible/module_utils/ec2.py`,
which requires access/secret key params to be canonicalized as
`ec2_access_key` and `ec2_secret_key`. As a result, AWS credentials passed
to those six modules as parameters are ignored (they instead always use
the AWS credentials specified via environment variables, or nothing).
So this change fixes those six modules to canonicalize the
AWS access and secret key params as `ec2_access_key` and `ec2_secret_key`,
allowing them to again accept AWS credentials passed via module params.