* Add aws_ses_identity_policy module for managing SES sending policies
* Add option to AnsibleAWSModule for applying a retry decorator to all calls.
* Add per-callsite opt in to retry behaviours in AnsibleAWSModule
* Update aws_ses_identity_policy module to opt in to retries at all callsites.
* Add test for aws_ses_identity_policy module with inline policy.
* Remove implicit retrys on boto resources since they're not working yet.
Cloudfront needs CreateOriginAccessIdentity
Add profile parameter to setup-iam.yml. Could arguably just use
AWS_PROFILE but given that other tasks are using profile, should
be consistent.
* Add aws_ses_identity module
* Update CI alias, add BotoCoreError exception handling.
* Add SES and SNS permissions to hacking/aws_config to run aws_ses_identity integration tests
People expect to be able to upload files to s3 using standard
locations for files.
Providing an action plugin that effectively rewrites the `src`
key to the result of finding such a file is a great help.
Tests added, and IAM permissions corrected
* added cloudfont.py, modified cloudfront_facts.py class name and fixed a minor bug
* Improvements to cloudfront_distribution
* Reduce the scope of the cloudfront_distribution module
* Remove presigning
* Remove streaming distribution functionality
* Add full test suite for cloudfront distribution
* Meet Ansible AWS guidelines
* Make requested changes
Fix tests
Use built-in waiter
Update copyright
Tests for:
* ecs_cluster
* ecs_service
* ecs_service_facts
* ecs_taskdefinition
* ecs_taskdefinition_facts
* Add idempotency testing
Test ecs_cluster, ecs_service and ecs_taskdefinition for trivial
idempotency. Add FIXMEs to the tests because the latter two fail.
Remove unused dependencies
* Add some integration tests for ec2_vpc_net module
* Add a couple tests for check mode
fix typo
ensure the DHCP option set is cleaned up
* Add permissions to test policy
* Add integration test suite for ec2_vpc_subnet
* wrap boto3 connection in try/except
update module documentation and add RETURN docs
add IPv6 support to VPC subnet module
rename ipv6cidr to ipv6_cidr, use required_if for parameter testing, update some failure messages to be more descriptive
DryRun mode was removed from this function a while ago but exception handling was still checking for it, removed
add wait and timeout for subnet creation process
fixup the ipv6 cidr disassociation logic a bit per review
update RETURN values per review
added module parameter check
removed DryRun parameter from boto3 call since it would always be false here
fix subnet wait loop
add a purge_tags parameter, fix the ensure_tags function, update to use compare_aws_tags func
fix tags type error per review
remove **kwargs use in create_subnet function per review
* rebased on #31870, fixed merge conflicts, and updated error messages
* fixes to pass tests
* add test for failure on invalid ipv6 block and update tags test for purge_tags=true function
* fix pylint issue
* fix exception handling error when run with python3
* add ipv6 tests and fix module code
* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for adding IPv6 cidr blocks to VPC and subnets
* fix type in tests and update assert conditional to check entire returned value
* add AWS_SESSION_TOKEN into environment for aws cli commands to work in CI
* remove key and value options from call to boto3_tag_list_to_ansible_dict
* remove wait loop and use boto3 EC2 waiter
* remove unused register: result vars
* revert az argument default value to original setting default=None
* Allow backoff for describe_subnets
Improve exception handling to latest standards
* Add integration test suite for ec2_vpc_subnet
* Add test for creating subnet without AZ
Fix bug identified by test
Fixes#31905
* ec2_group: add support for rule descriptions.
* Document rule description feature and add an example using it.
* Fix removing rule descriptions.
* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.
* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.
* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.
* Add compatibility with older version of botocore for ec2_group integration tests.
* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.
* Make requested change
* Pass around a variable instead of client
* Make sure has_rule_description defaults to None
* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2
* Remove unnecessary variable
* Fix indentation for changed=True when updating rule descriptions.
* minor refactor to remove duplicate code
* add missing parameter
* Fix pep8
* Update test policy.
Provide all necessary permissions for AMI tests
Allow tests to run in us-east-2
Ensure `always` section gets used
Update tests to ensure that cleanup works better, and add
deletion idempotency test
* Update RDS parameter group for boto3
* Update to boto3
* Update to latest ansible standards
* Remove choices list for valid engines (See #19221 for context)
* Allow tagging
* Return some useful information, and document that information
* Add tests for rds_param_group
* Improve testing of rds_param_group
* Add purge_tags option for rds_param_group
* Fix remaining broken rds_param_group tests
* Ensure the group name is lowercased. Fixes integration tests when run on OSX
* Add tests for group in a VPC
* Improve ec2_group output and documentation
Update ec2_group to provide full security group information
Add RETURN documentation to match
* Fix ec2_group creation within a VPC
Ensure VPC ID gets passed when creating security group
* Add test for auto creating SG
* Fix ec2_group auto group creation
* Add backoff to describe_security_groups
Getting LimitExceeded from describe_security_groups is definitely
possible (source: me) so add backoff to increase likelihood of
success.
To ensure that all `describe_security_group` calls are backed off,
remove implicit ones that use `ec2.SecurityGroup`. From there,
the decision to remove the `ec2` boto3 resource and rely on the client
alone makes good sense.
* Tidy up auto created security group
Add resource_prefix to auto created security group and delete
it in the `always` section.
Use YAML argument form for all module parameters
* Use Boto3 for ec2_group
Currently boto doesn't support ipv6. To support ipv6 in ec2_group, we need boto3.
boto3 has significant API changes, which caused more re-factoring for ec2_group module.
Added additional integration test to test_ec2_group role.
* Follow the standard for boto3 ansible
Fixed imports. Use boto3 ansible exception with camel_dict_to_snake_dict.
Refactored the call to authorize/revoke ingress and egress.
* Removed dependancy with module ipaddress
Added new parameter called cidr_ipv6 for specifying
ipv6 addresses inline with how boto3 handles ipv6 addresses.
* Updated integration test
* Added ipv6 integration test for ec2_group
* Set purge_rules to false for integration test
* Fixed import statements
Added example for ipv6.
Removed defining HAS_BOTO3 variable and import HAS_BOTO3 from ec2.
Cleaned up import statements.
* Fixed exception handling
* Add IAM permissions for ec2_group tests
Missing AuthorizeSecurityGroupEgress necessary for latest tests
* Wrapped botocore import in try/except block
Import just botocore to be more similar to other modules