diff --git a/changelogs/fragments/1753-cloudfront-add-http3.yml b/changelogs/fragments/1753-cloudfront-add-http3.yml new file mode 100644 index 00000000000..493d72145af --- /dev/null +++ b/changelogs/fragments/1753-cloudfront-add-http3.yml @@ -0,0 +1,2 @@ +minor_changes: + - cloudfront_distribution - add ``http3`` support via parameter value ``http2and3`` for parameter ``http_version`` (https://github.com/ansible-collections/community.aws/pull/1753). diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index ec6e74daf36..82a00b283be 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -568,7 +568,7 @@ description: - The version of the http protocol to use for the distribution. - AWS defaults this to C(http2). - - Valid values are C(http1.1) and C(http2). + - Valid values are C(http1.1), C(http2), C(http3) and C(http2and3). type: str ipv6_enabled: @@ -1617,35 +1617,16 @@ def __init__(self, module): self.__valid_methods_cached_methods[1], self.__valid_methods ] - self.__valid_lambda_function_association_event_types = set([ - 'viewer-request', - 'viewer-response', - 'origin-request', - 'origin-response' - ]) - self.__valid_viewer_certificate_ssl_support_methods = set([ - 'sni-only', - 'vip' - ]) - self.__valid_viewer_certificate_minimum_protocol_versions = set([ - 'SSLv3', - 'TLSv1', - 'TLSv1_2016', - 'TLSv1.1_2016', - 'TLSv1.2_2018', - 'TLSv1.2_2019', - 'TLSv1.2_2021' - ]) - self.__valid_viewer_certificate_certificate_sources = set([ - 'cloudfront', - 'iam', - 'acm' - ]) - self.__valid_http_versions = set([ - 'http1.1', - 'http2' - ]) - self.__s3_bucket_domain_identifier = '.s3.amazonaws.com' + self.__valid_lambda_function_association_event_types = set( + ["viewer-request", "viewer-response", "origin-request", "origin-response"] + ) + self.__valid_viewer_certificate_ssl_support_methods = set(["sni-only", "vip"]) + self.__valid_viewer_certificate_minimum_protocol_versions = set( + ["SSLv3", "TLSv1", "TLSv1_2016", "TLSv1.1_2016", "TLSv1.2_2018", "TLSv1.2_2019", "TLSv1.2_2021"] + ) + self.__valid_viewer_certificate_certificate_sources = set(["cloudfront", "iam", "acm"]) + self.__valid_http_versions = set(["http1.1", "http2", "http3", "http2and3"]) + self.__s3_bucket_domain_identifier = ".s3.amazonaws.com" def add_missing_key(self, dict_object, key_to_set, value_to_set): if key_to_set not in dict_object and value_to_set is not None: diff --git a/tests/integration/targets/cloudfront_distribution/tasks/main.yml b/tests/integration/targets/cloudfront_distribution/tasks/main.yml index 031aae1e490..729e5a7a0a8 100644 --- a/tests/integration/targets/cloudfront_distribution/tasks/main.yml +++ b/tests/integration/targets/cloudfront_distribution/tasks/main.yml @@ -86,6 +86,24 @@ # - not cf_update_ipv6.changed - cf_update_ipv6.is_ipv6_enabled + - name: Ensure that default value of 'http_version' is 'http2' + assert: + that: + - cf_update_ipv6.http_version == 'http2' + + - name: Update the distribution http_version to http2and3 + cloudfront_distribution: + state: present + distribution_id: "{{ distribution_id }}" + http_version: http2and3 + register: cf_update_http_version + + - name: Ensure that default value of 'http_version' is 'http2and3' + assert: + that: + - cf_update_http_version.changed + - cf_update_http_version.http_version == 'http2and3' + # - name: re-run cloudfront distribution with same defaults # cloudfront_distribution: # distribution_id: "{{ distribution_id }}"