Skip to content

Commit

Permalink
Mass update of docs and tests (credentials/session tokens) (#1714)
Browse files Browse the repository at this point in the history
Mass update of docs and tests (credentials/session tokens)

SUMMARY
We had a cleanup of credentials/session parameters which included a batch of deprecations and renames.
Ensure that all of our tests and docs are using the 'canonical' names
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
plugins/inventory/aws_ec2.py
plugins/lookup/secretsmanager_secret.py
plugins/lookup/ssm_parameter.py
plugins/modules/ec2_security_group.py
tests/integration/targets
ADDITIONAL INFORMATION
See Also: #1172

Reviewed-by: Alina Buzachis
Reviewed-by: Mark Chappell
  • Loading branch information
tremble committed Sep 27, 2023
1 parent 370b90b commit 3e0da8d
Show file tree
Hide file tree
Showing 144 changed files with 446 additions and 451 deletions.
2 changes: 2 additions & 0 deletions changelogs/fragments/1714-parameters.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
trivial:
- update docs and integration tests to use the canonical parameter names for the credentials parameters.
6 changes: 3 additions & 3 deletions plugins/inventory/aws_ec2.py
Original file line number Diff line number Diff line change
Expand Up @@ -157,9 +157,9 @@
# Example using filters, ignoring permission errors, and specifying the hostname precedence
plugin: amazon.aws.aws_ec2
# The values for profile, access key, secret key and token can be hardcoded like:
boto_profile: aws_profile
profile: aws_profile
# or you could use Jinja as:
# boto_profile: "{{ lookup('env', 'AWS_PROFILE') | default('aws_profile', true) }}"
# profile: "{{ lookup('env', 'AWS_PROFILE') | default('aws_profile', true) }}"
# Populate inventory with instances in these regions
regions:
- us-east-1
Expand Down Expand Up @@ -243,7 +243,7 @@
# Example using groups to assign the running hosts to a group based on vpc_id
plugin: amazon.aws.aws_ec2
boto_profile: aws_profile
profile: aws_profile
# Populate inventory with instances in these regions
regions:
- us-east-2
Expand Down
4 changes: 2 additions & 2 deletions plugins/lookup/secretsmanager_secret.py
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,8 @@
# If an object is of the form `{"key1":{"key2":{"key3":1}}}` the query would return the value `1`.
- name: lookup secretsmanager secret in a specific region using specified region and aws profile using nested feature
debug: >
msg="{{ lookup('amazon.aws.aws_secret', 'secrets.environments.production.password', region=region, aws_profile=aws_profile,
aws_access_key=aws_access_key, aws_secret_key=aws_secret_key, nested=true) }}"
msg="{{ lookup('amazon.aws.aws_secret', 'secrets.environments.production.password', region=region, profile=aws_profile,
access_key=aws_access_key, secret_key=aws_secret_key, nested=true) }}"
# The secret can be queried using the following syntax: `aws_secret_object_name.key1.key2.key3`.
# If an object is of the form `{"key1":{"key2":{"key3":1}}}` the query would return the value `1`.
# Region is the AWS region where the AWS secret is stored.
Expand Down
6 changes: 3 additions & 3 deletions plugins/lookup/ssm_parameter.py
Original file line number Diff line number Diff line change
Expand Up @@ -85,13 +85,13 @@
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', decrypt=False ) }}"
- name: lookup ssm parameter store using a specified aws profile
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', aws_profile='myprofile' ) }}"
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', profile='myprofile' ) }}"
- name: lookup ssm parameter store using explicit aws credentials
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', aws_access_key=my_aws_access_key, aws_secret_key=my_aws_secret_key, aws_security_token=my_security_token ) }}" # noqa: E501
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', access_key=my_aws_access_key, secret_key=my_aws_secret_key, session_token=my_session_token ) }}" # noqa: E501
- name: lookup ssm parameter store with all options
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', decrypt=false, region='us-east-2', aws_profile='myprofile') }}"
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'Hello', decrypt=false, region='us-east-2', profile='myprofile') }}"
- name: lookup ssm parameter and fail if missing
debug: msg="{{ lookup('amazon.aws.aws_ssm', 'missing-parameter') }}"
Expand Down
11 changes: 2 additions & 9 deletions plugins/modules/ec2_security_group.py
Original file line number Diff line number Diff line change
Expand Up @@ -285,13 +285,13 @@
"""

EXAMPLES = r"""
# Note: These examples do not set authentication details, see the AWS Guide for details.
- name: example using security group rule descriptions
amazon.aws.ec2_security_group:
name: "{{ name }}"
description: sg with rule descriptions
vpc_id: vpc-xxxxxxxx
profile: "{{ aws_profile }}"
region: us-east-1
rules:
- proto: tcp
ports:
Expand All @@ -304,8 +304,6 @@
name: "{{ name }}"
description: sg for ICMP
vpc_id: vpc-xxxxxxxx
profile: "{{ aws_profile }}"
region: us-east-1
rules:
- proto: icmp
icmp_type: 3
Expand All @@ -317,9 +315,6 @@
name: example
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
aws_secret_key: SECRET
aws_access_key: ACCESS
rules:
- proto: tcp
from_port: 80
Expand Down Expand Up @@ -377,7 +372,6 @@
name: example2
description: an example2 EC2 group
vpc_id: 12345
region: eu-west-1
rules:
# 'ports' rule keyword was introduced in version 2.4. It accepts a single
# port value or a list of values including ranges (from_port-to_port).
Expand Down Expand Up @@ -414,7 +408,6 @@
- name: "Delete group by its id"
amazon.aws.ec2_security_group:
region: eu-west-1
group_id: sg-33b4ee5b
state: absent
"""
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/autoscaling_group/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,9 @@
tasks:
- module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'
block:
- include_role:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@

- name: test without specifying required module options
autoscaling_group:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
ignore_errors: true
register: result
- name: assert name is a required module option
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
- name: Wrap up all tests and setup AWS credentials
module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'
aws_config:
retries:
Expand Down
8 changes: 4 additions & 4 deletions tests/integration/targets/aws_az_info/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
- module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key | default(omit) }}'
aws_secret_key: '{{ aws_secret_key | default(omit) }}'
security_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'

block:
- name: 'List available AZs in current Region'
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/aws_caller_info/tasks/main.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
- module_defaults:
group/aws:
region: "{{ aws_region }}"
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
block:
- name: retrieve caller facts
aws_caller_info:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/backup_plan/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:
- name: Create a backup vault for the plan to target
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/backup_selection/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"

block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/backup_tag/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:

Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/backup_vault/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:
- name: create a key
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@
- amazon.aws
module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
tasks:
- ec2_instance_info:
Expand Down
8 changes: 4 additions & 4 deletions tests/integration/targets/cloudformation/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
- module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key | default(omit) }}'
aws_secret_key: '{{ aws_secret_key | default(omit) }}'
security_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'

block:

Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/cloudtrail/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -1347,9 +1347,9 @@
state: present
name: '{{ cloudtrail_name }}'
kms_key_id: 'alias/{{ kms_alias }}'
aws_access_key: "{{ noKms_assumed_role.sts_creds.access_key }}"
aws_secret_key: "{{ noKms_assumed_role.sts_creds.secret_key }}"
security_token: "{{ noKms_assumed_role.sts_creds.session_token }}"
access_key: "{{ noKms_assumed_role.sts_creds.access_key }}"
secret_key: "{{ noKms_assumed_role.sts_creds.secret_key }}"
session_token: "{{ noKms_assumed_role.sts_creds.session_token }}"
check_mode: yes
register: output
- assert:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
- name: run cloudwatch_metric_alarm tests
module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'
block:
- set_fact:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/cloudwatchevent_rule/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"

block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/cloudwatchlogs/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

- module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'

block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_ami/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
- module_defaults:
group/aws:
aws_region: '{{ aws_region }}'
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
collections:
- amazon.aws
block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_ami_instance/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
- module_defaults:
group/aws:
aws_region: '{{ aws_region }}'
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
collections:
- amazon.aws
block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_ami_snapshot/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
- module_defaults:
group/aws:
aws_region: '{{ aws_region }}'
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
collections:
- amazon.aws
block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_ami_tpm/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
- module_defaults:
group/aws:
aws_region: '{{ aws_region }}'
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
collections:
- amazon.aws
block:
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_eip/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
- name: Integration testing for ec2_eip
module_defaults:
group/aws:
aws_access_key: '{{ aws_access_key }}'
aws_secret_key: '{{ aws_secret_key }}'
security_token: '{{ security_token | default(omit) }}'
access_key: '{{ aws_access_key }}'
secret_key: '{{ aws_secret_key }}'
session_token: '{{ security_token | default(omit) }}'
region: '{{ aws_region }}'
amazon.aws.ec2_eip:
in_vpc: true
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/targets/ec2_eni/tasks/main.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
---
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"

collections:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
- module_defaults:
group/aws:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token | default(omit) }}"
access_key: "{{ aws_access_key }}"
secret_key: "{{ aws_secret_key }}"
session_token: "{{ security_token | default(omit) }}"
region: "{{ aws_region }}"
block:
- name: "New instance with an extra block device"
Expand Down
Loading

0 comments on commit 3e0da8d

Please sign in to comment.