Skip to content

Commit

Permalink
ec2_security_group - Deprecate automatic flattening of lists passed t…
Browse files Browse the repository at this point in the history
…o cidr_ip and cidr_ipv6 (#1213)

ec2_security_group - Deprecate automatic flattening of lists passed to cidr_ip and cidr_ipv6

SUMMARY
ec2_security_group currently has its own "flatten" implementation built into the evaluation of cidr_ip and cidr_ipv6, which allows folks to do things like:
  - ec2_security_group:
      name: '{{ ec2_group_name }}'
      description: '{{ ec2_group_description }}'
      state: present
      rules:
      - proto: "tcp"
        from_port: 8182
        to_port: 8182
        cidr_ipv6:
          - "64:ff9b::/96"
          - ["2620::/32"]
      - proto: "tcp"
        ports: 5665
        cidr_ip:
          - 172.16.1.0/24
          - 172.16.17.0/24
          - ["10.0.0.0/24", "10.20.0.0/24"]

Support for this was originally added prior to the addition of the flatten filter in Ansible 2.5.  Behaviour like this isn't consistent with our other modules and adds additional complexity to an already very complex module.
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
ec2_security_group
ADDITIONAL INFORMATION

Reviewed-by: Alina Buzachis <None>
Reviewed-by: Mark Chappell <None>
  • Loading branch information
tremble authored Oct 27, 2022
1 parent 8dfe6cc commit e436817
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 0 deletions.
4 changes: 4 additions & 0 deletions changelogs/fragments/20221027-ec2_security_group-nested.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
deprecated_features:
- >
ec2_security_group - support for passing nested lists to ``cidr_ip`` and ``cidr_ipv6`` has been deprecated.
Nested lists can be passed through the ``flatten`` filter instead ``cidr_ip: '{{ my_cidrs | flatten }}'`` (https://github.com/ansible-collections/amazon.aws/pull/1213).
11 changes: 11 additions & 0 deletions plugins/modules/ec2_security_group.py
Original file line number Diff line number Diff line change
Expand Up @@ -56,12 +56,16 @@
- The IPv4 CIDR range traffic is coming from.
- You can specify only one of I(cidr_ip), I(cidr_ipv6), I(ip_prefix), I(group_id)
and I(group_name).
- Support for passing nested lists of strings to I(cidr_ip) has been deprecated and will
be removed in a release after 2024-12-01.
cidr_ipv6:
type: str
description:
- The IPv6 CIDR range traffic is coming from.
- You can specify only one of I(cidr_ip), I(cidr_ipv6), I(ip_prefix), I(group_id)
and I(group_name).
- Support for passing nested lists of strings to I(cidr_ipv6) has been deprecated and will
be removed in a release after 2024-12-01.
ip_prefix:
type: str
description:
Expand Down Expand Up @@ -142,12 +146,16 @@
- The IPv4 CIDR range traffic is going to.
- You can specify only one of I(cidr_ip), I(cidr_ipv6), I(ip_prefix), I(group_id)
and I(group_name).
- Support for passing nested lists of strings to I(cidr_ip) has been deprecated and will
be removed in a release after 2024-12-01.
cidr_ipv6:
type: str
description:
- The IPv6 CIDR range traffic is going to.
- You can specify only one of I(cidr_ip), I(cidr_ipv6), I(ip_prefix), I(group_id)
and I(group_name).
- Support for passing nested lists of strings to I(cidr_ipv6) has been deprecated and will
be removed in a release after 2024-12-01.
ip_prefix:
type: str
description:
Expand Down Expand Up @@ -1213,6 +1221,9 @@ def flatten_nested_targets(module, rules):
def _flatten(targets):
for target in targets:
if isinstance(target, list):
module.deprecate('Support for nested lists in cidr_ip and cidr_ipv6 has been '
'deprecated. The flatten filter can be used instead.',
date='2024-12-01', collection_name='amazon.aws')
for t in _flatten(target):
yield t
elif isinstance(target, string_types):
Expand Down

0 comments on commit e436817

Please sign in to comment.