From 91050042f8b2aed2713d7363252bb57dba0a9d63 Mon Sep 17 00:00:00 2001 From: jillr Date: Mon, 2 Mar 2020 19:25:18 +0000 Subject: [PATCH 01/24] Initial commit This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/eb75681585a23ea79e642b86a0f8e64e0f40a6d7 --- plugins/modules/iam_mfa_device_info.py | 117 +++++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 plugins/modules/iam_mfa_device_info.py diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py new file mode 100644 index 00000000000..712a951a5d9 --- /dev/null +++ b/plugins/modules/iam_mfa_device_info.py @@ -0,0 +1,117 @@ +#!/usr/bin/python +# Copyright: Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + + +DOCUMENTATION = ''' +--- +module: iam_mfa_device_info +short_description: List the MFA (Multi-Factor Authentication) devices registered for a user +description: + - List the MFA (Multi-Factor Authentication) devices registered for a user + - This module was called C(iam_mfa_device_facts) before Ansible 2.9. The usage did not change. +author: Victor Costan (@pwnall) +options: + user_name: + description: + - The name of the user whose MFA devices will be listed + type: str +extends_documentation_fragment: +- ansible.amazon.aws +- ansible.amazon.ec2 + +requirements: + - boto3 + - botocore +''' + +RETURN = """ +mfa_devices: + description: The MFA devices registered for the given user + returned: always + type: list + sample: + - enable_date: "2016-03-11T23:25:36+00:00" + serial_number: arn:aws:iam::085120003701:mfa/pwnall + user_name: pwnall + - enable_date: "2016-03-11T23:25:37+00:00" + serial_number: arn:aws:iam::085120003702:mfa/pwnall + user_name: pwnall +""" + +EXAMPLES = ''' +# Note: These examples do not set authentication details, see the AWS Guide for details. + +# List MFA devices (more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html) +- iam_mfa_device_info: + register: mfa_devices + +# Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) +- sts_assume_role: + mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" + role_arn: "arn:aws:iam::123456789012:role/someRole" + role_session_name: "someRoleSession" + register: assumed_role +''' + +try: + import boto3 + from botocore.exceptions import ClientError + HAS_BOTO3 = True +except ImportError: + HAS_BOTO3 = False + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.ansible.amazon.plugins.module_utils.ec2 import (HAS_BOTO3, boto3_conn, camel_dict_to_snake_dict, ec2_argument_spec, + get_aws_connection_info) + + +def list_mfa_devices(connection, module): + user_name = module.params.get('user_name') + changed = False + + args = {} + if user_name is not None: + args['UserName'] = user_name + try: + response = connection.list_mfa_devices(**args) + except ClientError as e: + module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + + module.exit_json(changed=changed, **camel_dict_to_snake_dict(response)) + + +def main(): + argument_spec = ec2_argument_spec() + argument_spec.update( + dict( + user_name=dict(required=False, default=None) + ) + ) + + module = AnsibleModule(argument_spec=argument_spec) + if module._name == 'iam_mfa_device_facts': + module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", version='2.13') + + if not HAS_BOTO3: + module.fail_json(msg='boto3 required for this module') + + region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) + if region: + connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) + else: + module.fail_json(msg="region must be specified") + + list_mfa_devices(connection, module) + + +if __name__ == '__main__': + main() From 1a4da2c6759f477b5728c91c00f13cc6f80406c9 Mon Sep 17 00:00:00 2001 From: jillr Date: Tue, 3 Mar 2020 19:43:21 +0000 Subject: [PATCH 02/24] migration test cleanup This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/13b104b912784bb31a0bff23eed4c27b0f5e0283 --- plugins/modules/iam_mfa_device_info.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 712a951a5d9..6f7b9f1e3da 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -70,8 +70,12 @@ HAS_BOTO3 = False from ansible.module_utils.basic import AnsibleModule -from ansible_collections.ansible.amazon.plugins.module_utils.ec2 import (HAS_BOTO3, boto3_conn, camel_dict_to_snake_dict, ec2_argument_spec, - get_aws_connection_info) +from ansible_collections.ansible.amazon.plugins.module_utils.ec2 import (HAS_BOTO3, + boto3_conn, + camel_dict_to_snake_dict, + ec2_argument_spec, + get_aws_connection_info, + ) def list_mfa_devices(connection, module): From f0a2030250a16c1a846226d88f63518d327c8f7f Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 25 Mar 2020 15:39:40 -0700 Subject: [PATCH 03/24] Rename collection (#12) * Rename core collection Rename references to ansible.amazon to amazon.aws. * Rename community.amazon to community.aws Fix pep8 line lengths for rewritten amazon.aws imports * Missed a path in shippable.sh * Dependency repos moved This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/235c5db571cc45db5839476c94356c9b91e1f228 --- plugins/modules/iam_mfa_device_info.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 6f7b9f1e3da..12dae087a70 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -25,8 +25,8 @@ - The name of the user whose MFA devices will be listed type: str extends_documentation_fragment: -- ansible.amazon.aws -- ansible.amazon.ec2 +- amazon.aws.aws +- amazon.aws.ec2 requirements: - boto3 @@ -70,12 +70,12 @@ HAS_BOTO3 = False from ansible.module_utils.basic import AnsibleModule -from ansible_collections.ansible.amazon.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, + boto3_conn, + camel_dict_to_snake_dict, + ec2_argument_spec, + get_aws_connection_info, + ) def list_mfa_devices(connection, module): From 4ab93ff81a88f0aa51b9ba0e8932a93cb49dbff3 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 19 May 2020 16:06:12 -0700 Subject: [PATCH 04/24] Remove METADATA and cleanup galaxy.yml (#70) * Remove ANSIBLE_METADATA entirely, see ansible/ansible/pull/69454. Remove `license` field from galaxy.yml, in favor of `license_file`. This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/05672a64e2362cc2d865b5af6a57da6bc3cd08e3 --- plugins/modules/iam_mfa_device_info.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 12dae087a70..2431a57c063 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam_mfa_device_info From e763c8ff420533e81b6c9b6d1a098ad1b5c88502 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 16 Jun 2020 11:23:52 -0700 Subject: [PATCH 05/24] Collections related fixes for CI (#96) * Update module deprecations Switch version to `removed_at_date` * Don't install amazon.aws from galaxy We've been using galaxy to install amazon.aws in shippable, but that doesn't really work if we aren't publising faster. Get that collection from git so it is most up to date. * We need to declare python test deps now * missed a python dep This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/7cd211e9383db26bc2aa4cc06e657cf60ed0acc0 --- plugins/modules/iam_mfa_device_info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 2431a57c063..bb59d8d8177 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -98,7 +98,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec) if module._name == 'iam_mfa_device_facts': - module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", version='2.13') + module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') From cc731da18258fb8a191545166b54fca7ac18d1f5 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 17 Jun 2020 01:24:54 +0530 Subject: [PATCH 06/24] Update Examples with FQCN (#67) Updated module examples with FQCN Signed-off-by: Abhijeet Kasurde This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/98173aefbbceed7fc0d9db62687b73f96a55a999 --- plugins/modules/iam_mfa_device_info.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index bb59d8d8177..07e98d6851c 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -42,15 +42,17 @@ user_name: pwnall """ -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# List MFA devices (more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html) -- iam_mfa_device_info: +# more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html +- name: List MFA devices + community.aws.iam_mfa_device_info: register: mfa_devices -# Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) -- sts_assume_role: +# more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html +- name: Assume an existing role + community.aws.sts_assume_role: mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" From a518f55bc5cc2c82d328e9e89440a2276d9607f0 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 09:31:32 -0700 Subject: [PATCH 07/24] Update docs (#99) * Update docs Remove .git from repo url so links in readme will generate correctly Add required ansible version Run latest version of add_docs.py Add version_added string to modules * galaxy.yml was missing authors This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/96ee268e5267f5b12c3d59892bc1279f75aa3135 --- plugins/modules/iam_mfa_device_info.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 07e98d6851c..f8c37a91acf 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_mfa_device_info +version_added: 1.0.0 short_description: List the MFA (Multi-Factor Authentication) devices registered for a user description: - List the MFA (Multi-Factor Authentication) devices registered for a user From c71dbe40c5e2041a083ec4b7363c28fc9d96bda8 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 12 Aug 2020 13:06:35 +0200 Subject: [PATCH 08/24] Bulk migration to AnsibleAWSModule (#173) * Update comments to reference AnsibleAWSModule rather than AnsibleModule * Bulk re-order imports and split onto one from import per-line. * Add AnsibleAWSModule imports * Migrate boto 2 based modules to AnsibleAWSModule * Move boto3-only modules over to AnsibleAWSModule * Remove extra ec2_argument_spec calls - not needed now we're using AnsibleAWSModule * Remove most HAS_BOTO3 code, it's handled by AnsibleAWSModule * Handle missing Boto 2 consistently (HAS_BOTO) * Remove AnsibleModule imports * Changelog fragment This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/818c6d2faa046974a9bdfa9346122d11e5bef3b1 --- plugins/modules/iam_mfa_device_info.py | 26 ++++++++------------------ 1 file changed, 8 insertions(+), 18 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index f8c37a91acf..727242751a6 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -63,17 +63,13 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_mfa_devices(connection, module): @@ -92,20 +88,14 @@ def list_mfa_devices(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - user_name=dict(required=False, default=None) - ) + argument_spec = dict( + user_name=dict(required=False, default=None), ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'iam_mfa_device_facts': module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if region: connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) From 38f6e64137dd843a235a2ba401aadbe9f3ccb0bf Mon Sep 17 00:00:00 2001 From: Vincent Vinet Date: Sat, 15 Aug 2020 09:11:59 -0400 Subject: [PATCH 09/24] =?UTF-8?q?Python=203=20compatibility=20error=20hand?= =?UTF-8?q?ling:=20use=20to=5Fnative(e)=20instead=20of=20str(e)=20or=20e.m?= =?UTF-8?q?e=E2=80=A6=20(#26)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Py3 compat error handling: use to_native(e) instead of str(e) or e.message * PR comment changes, use fail_json_aws and is_boto3_error_code This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/ffe14f95186399dc080019554035021015765872 --- plugins/modules/iam_mfa_device_info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 727242751a6..c107c39f67b 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -82,7 +82,7 @@ def list_mfa_devices(connection, module): try: response = connection.list_mfa_devices(**args) except ClientError as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to list MFA devices") module.exit_json(changed=changed, **camel_dict_to_snake_dict(response)) From 8d35a03cfbc096adbff5b42f3c7ac702fdf24d97 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 26 Aug 2020 11:35:32 +0200 Subject: [PATCH 10/24] Cleanup: Bulk Migration from boto3_conn to module.client() (#188) * Migrate from boto3_conn to module.client * Simplify error handling when creating connections * Simplify Region handling * Remove unused imports * Changelog This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/6bdf00d2198927bdaa119ae76ddd379a8b6eeb3d --- plugins/modules/iam_mfa_device_info.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index c107c39f67b..c79afab095f 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -62,14 +62,13 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_mfa_devices(connection, module): @@ -96,11 +95,10 @@ def main(): if module._name == 'iam_mfa_device_facts': module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if region: - connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('iam') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_mfa_devices(connection, module) From 05858c283370288276fe40b045ea4a1ce924bdb2 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Sat, 16 Jan 2021 10:50:49 +0100 Subject: [PATCH 11/24] Bulk import cleanup (#360) * Split imports and reorder * Import camel_dict_to_snake_dict and snake_dict_to_camel_dict direct from ansible.module_utils.common.dict_transformations * Remove unused imports * Route53 Info was migrated to Boto3 drop the HAS_BOTO check and import * changelog This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/130cf3cc5980014020632f19fdab79c9bcf28add --- plugins/modules/iam_mfa_device_info.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index c79afab095f..e86687134a9 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -61,14 +61,14 @@ ''' try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def list_mfa_devices(connection, module): From d22ff45b59c586f08f1efaf1207dcf319d49fe86 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 6 May 2021 21:01:46 +0200 Subject: [PATCH 12/24] Update the default module requirements from python 2.6/boto to python 3.6/boto3 This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/c097c55293be0834a2b9d394733ec28965d142d7 --- plugins/modules/iam_mfa_device_info.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index e86687134a9..b04b912549c 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -23,10 +23,6 @@ extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 - -requirements: - - boto3 - - botocore ''' RETURN = """ From 18abdc3df2b6ef6ec63eb14813dbf4504d9c9c98 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 28 Jul 2021 08:47:51 +0200 Subject: [PATCH 13/24] Update remaining _info modules so that they run in check_mode https://github.com/ansible-collections/overview/blob/main/collection_requirements.rst#development-conventions https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_best_practices.html#following-ansible-conventions https://github.com/ansible/ansible/pull/75324 fixes: https://github.com/ansible-collections/community.aws/issues/659 This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/8081e69daacab87c334497782579d2f0de08f63d --- plugins/modules/iam_mfa_device_info.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index b04b912549c..78cfe8249d0 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -87,7 +87,10 @@ def main(): user_name=dict(required=False, default=None), ) - module = AnsibleAWSModule(argument_spec=argument_spec) + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + ) if module._name == 'iam_mfa_device_facts': module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') From 84094fef7823b99182c6ddd563884410710252a3 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 2 Dec 2021 02:58:06 -0700 Subject: [PATCH 14/24] Remove deprecated "facts" aliases (#814) Remove deprecated "facts" aliases SUMMARY Modules named "facts.py" that do not return ansible_facts were renamed to "info.py" in 2.9. Remove these aliases now that the deprecation period is over. This PR should be included in 3.0.0 of the collection. ISSUE TYPE Bugfix Pull Request COMPONENT NAME *_facts.py Reviewed-by: Mark Chappell Reviewed-by: Jill R Reviewed-by: None This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/68aaa7057be46a3ab36f572fd0013d64653af909 --- plugins/modules/iam_mfa_device_info.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 78cfe8249d0..4cd27875273 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -13,7 +13,6 @@ short_description: List the MFA (Multi-Factor Authentication) devices registered for a user description: - List the MFA (Multi-Factor Authentication) devices registered for a user - - This module was called C(iam_mfa_device_facts) before Ansible 2.9. The usage did not change. author: Victor Costan (@pwnall) options: user_name: @@ -91,8 +90,6 @@ def main(): argument_spec=argument_spec, supports_check_mode=True, ) - if module._name == 'iam_mfa_device_facts': - module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') try: connection = module.client('iam') From 8f925558d6c252cd75fcd2a98b4b0b47f7378ee9 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 28 Sep 2022 13:40:43 +0200 Subject: [PATCH 15/24] Make example AWS UUIDS follow a specific pattern (#1539) Make example AWS UUIDS follow a specific pattern SUMMARY Various AWS IAM resources have UUID which follow a specific pattern. Similarly AWS accounts are all 12 digit numbers (text aliases in a couple of cases). To minimize the risk of accidental data leaks use a consistent Account ID in examples (123456789012), and a specific format for the UUIDS: (AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)12345EXAMPLE54321 While this does nothing about historic data, having consistency makes it easier to prevent future leaks. Note: We should follow this up with an update to the developer docs, however I'd like to get this in prior to 5.0.0 ISSUE TYPE Docs Pull Request COMPONENT NAME plugins/modules/acm_certificate_info.py plugins/modules/application_autoscaling_policy.py plugins/modules/autoscaling_launch_config.py plugins/modules/autoscaling_launch_config_info.py plugins/modules/codecommit_repository.py plugins/modules/directconnect_link_aggregation_group.py plugins/modules/dms_endpoint.py plugins/modules/dynamodb_table.py plugins/modules/ec2_transit_gateway_info.py plugins/modules/ec2_transit_gateway_vpc_attachment.py plugins/modules/ec2_transit_gateway_vpc_attachment_info.py plugins/modules/ec2_vpc_peer.py plugins/modules/ec2_vpc_peering_info.py plugins/modules/ec2_vpc_vpn_info.py plugins/modules/ecs_cluster.py plugins/modules/ecs_ecr.py plugins/modules/ecs_service.py plugins/modules/ecs_service_info.py plugins/modules/ecs_task.py plugins/modules/efs.py plugins/modules/efs_info.py plugins/modules/eks_cluster.py plugins/modules/elasticache_subnet_group.py plugins/modules/elb_network_lb.py plugins/modules/elb_target_group.py plugins/modules/elb_target_group_info.py plugins/modules/elb_target_info.py plugins/modules/iam_group.py plugins/modules/iam_managed_policy.py plugins/modules/iam_mfa_device_info.py plugins/modules/iam_server_certificate_info.py plugins/modules/lightsail.py plugins/modules/lightsail_static_ip.py plugins/modules/msk_cluster.py plugins/modules/s3_bucket_notification.py plugins/modules/sns_topic.py plugins/modules/sns_topic_info.py plugins/modules/sqs_queue.py plugins/modules/stepfunctions_state_machine.py plugins/modules/stepfunctions_state_machine_execution.py plugins/modules/storagegateway_info.py plugins/modules/wafv2_web_acl.py ADDITIONAL INFORMATION While the 'secret' nature of these UUIDs is debatable (they're closer to user names than passwords), deliberately mangling them makes it easier for InfoSec teams to spot when their secret counterparts may have been leaked in combination with a real 'public' part. This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/94764225332c869eefa574a8948da680bb668407 --- plugins/modules/iam_mfa_device_info.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 4cd27875273..a2801ca9482 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -31,11 +31,11 @@ type: list sample: - enable_date: "2016-03-11T23:25:36+00:00" - serial_number: arn:aws:iam::085120003701:mfa/pwnall - user_name: pwnall + serial_number: arn:aws:iam::123456789012:mfa/example + user_name: example - enable_date: "2016-03-11T23:25:37+00:00" - serial_number: arn:aws:iam::085120003702:mfa/pwnall - user_name: pwnall + serial_number: arn:aws:iam::123456789012:mfa/example + user_name: example """ EXAMPLES = r''' From 2f2254019b61e1e8187101f9a0e798abc2d28c5f Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Wed, 5 Oct 2022 17:04:40 +0200 Subject: [PATCH 16/24] Update extends_documentation_fragment with amazon.aws.boto3 (#1459) Update extends_documentation_fragment with amazon.aws.boto3 Depends-On: ansible/ansible-zuul-jobs#1654 SUMMARY As per ansible-collections/amazon.aws#985 add amazon.aws.boto3. ISSUE TYPE Docs Pull Request COMPONENT NAME several Reviewed-by: Jill R Reviewed-by: Mark Chappell Reviewed-by: Markus Bergholz This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/bd3c03fcba0848f593b86309740fa73e986a9646 --- plugins/modules/iam_mfa_device_info.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index a2801ca9482..16abae17087 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -22,6 +22,7 @@ extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 +- amazon.aws.boto3 ''' RETURN = """ From 5ad3dbed4018e036f984a6125910483b45ab8bed Mon Sep 17 00:00:00 2001 From: Bikouo Aubin <79859644+abikouo@users.noreply.github.com> Date: Tue, 10 Jan 2023 19:22:13 +0100 Subject: [PATCH 17/24] Ansible User-Agent identification for community.aws (#1632) Ansible User-Agent identification for community.aws SUMMARY The value will be similar to this APN/1.0 Ansible/2.14.1 community.aws/6.0.0-dev0 ISSUE TYPE Feature Pull Request Reviewed-by: Mark Chappell Reviewed-by: Bikouo Aubin Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/a8cbce24071bcc62fe4594c38aff1baf18bd2862 --- plugins/modules/iam_mfa_device_info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 16abae17087..8b78eee02f9 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -64,7 +64,7 @@ from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.community.aws.plugins.module_utils.modules import AnsibleCommunityAWSModule as AnsibleAWSModule def list_mfa_devices(connection, module): From d4e1904b78013308cbede88e2a976ed8b1f9257c Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 8 Mar 2023 12:07:26 +0100 Subject: [PATCH 18/24] Cleanup headers and imports (#1738) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cleanup headers and imports SUMMARY Mass update of imports, docs fragments and file headers Many of the amazon.aws module_utils and docs fragments got moved about, update community.aws to reflect this. Consistently apply the comment headers as documented at https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html#python-shebang-utf-8-coding ISSUE TYPE Docs Pull Request Feature Pull Request COMPONENT NAME ADDITIONAL INFORMATION Header cleanup based upon: https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html#python-shebang-utf-8-coding Begin your Ansible module with #!/usr/bin/python - this “shebang” allows ansible_python_interpreter to work. Follow the shebang immediately with # -*- coding: utf-8 -*- to clarify that the file is UTF-8 encoded. and https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html#copyright-and-license After the shebang and UTF-8 coding, add a copyright line with the original copyright holder and a license declaration. The license declaration should be ONLY one line, not the full GPL prefix. ... Additions to the module (for instance, rewrites) are not permitted to add additional copyright lines other than the default copyright statement if missing: Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/a4f20bf114bfab19b1c84c4ecf42efd5614ab80c --- plugins/modules/iam_mfa_device_info.py | 27 +++++++++++++------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 8b78eee02f9..c0c434a9be9 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -1,31 +1,30 @@ #!/usr/bin/python +# -*- coding: utf-8 -*- + # Copyright: Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -from __future__ import absolute_import, division, print_function -__metaclass__ = type - - -DOCUMENTATION = ''' +DOCUMENTATION = r""" --- module: iam_mfa_device_info version_added: 1.0.0 short_description: List the MFA (Multi-Factor Authentication) devices registered for a user description: - - List the MFA (Multi-Factor Authentication) devices registered for a user -author: Victor Costan (@pwnall) + - List the MFA (Multi-Factor Authentication) devices registered for a user +author: + - Victor Costan (@pwnall) options: user_name: description: - The name of the user whose MFA devices will be listed type: str extends_documentation_fragment: -- amazon.aws.aws -- amazon.aws.ec2 -- amazon.aws.boto3 -''' + - amazon.aws.common.modules + - amazon.aws.region.modules + - amazon.aws.boto3 +""" -RETURN = """ +RETURN = r""" mfa_devices: description: The MFA devices registered for the given user returned: always @@ -39,7 +38,7 @@ user_name: example """ -EXAMPLES = r''' +EXAMPLES = r""" # Note: These examples do not set authentication details, see the AWS Guide for details. # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html @@ -54,7 +53,7 @@ role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" register: assumed_role -''' +""" try: import botocore From 71a0b1a47420c8734c9fc91c84ab02c8a9990a02 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 26 Apr 2023 19:26:07 +0200 Subject: [PATCH 19/24] Big Black PR (#1784) * Black prep * Black * changelog * Fix pylint unused-import in tests * Split SSM connection plugin changes * disable glue tests - bucket's missing * Disable s3_logging and s3_sync tests This commit was initially merged in https://github.com/ansible-collections/community.aws See: https://github.com/ansible-collections/community.aws/commit/2c4575c248776c65d66b06cd60fa09b0dae1cd6f --- plugins/modules/iam_mfa_device_info.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index c0c434a9be9..44b38ab90f4 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -67,12 +67,12 @@ def list_mfa_devices(connection, module): - user_name = module.params.get('user_name') + user_name = module.params.get("user_name") changed = False args = {} if user_name is not None: - args['UserName'] = user_name + args["UserName"] = user_name try: response = connection.list_mfa_devices(**args) except ClientError as e: @@ -92,12 +92,12 @@ def main(): ) try: - connection = module.client('iam') + connection = module.client("iam") except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json_aws(e, msg='Failed to connect to AWS') + module.fail_json_aws(e, msg="Failed to connect to AWS") list_mfa_devices(connection, module) -if __name__ == '__main__': +if __name__ == "__main__": main() From 4b563de5ee417ec0f6c2fccb5f9554981f914f32 Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Fri, 22 Sep 2023 14:30:04 +0200 Subject: [PATCH 20/24] Update runtime --- meta/runtime.yml | 1 + plugins/modules/iam_mfa_device_info.py | 1 + 2 files changed, 2 insertions(+) diff --git a/meta/runtime.yml b/meta/runtime.yml index da395988b6f..5de91ba3046 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -106,6 +106,7 @@ action_groups: - s3_bucket - s3_object - s3_object_info + - iam_mfa_device_info plugin_routing: action: aws_s3: diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 44b38ab90f4..3f491fdb4e4 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -8,6 +8,7 @@ --- module: iam_mfa_device_info version_added: 1.0.0 +version_added_collection: community.aws short_description: List the MFA (Multi-Factor Authentication) devices registered for a user description: - List the MFA (Multi-Factor Authentication) devices registered for a user From f5aa5236169c315b0f964d63474c7e0ed8351ca9 Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Fri, 22 Sep 2023 14:30:04 +0200 Subject: [PATCH 21/24] Update FQDN --- plugins/modules/iam_mfa_device_info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 3f491fdb4e4..6b81f03d162 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -44,7 +44,7 @@ # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html - name: List MFA devices - community.aws.iam_mfa_device_info: + amazon.aws.iam_mfa_device_info: register: mfa_devices # more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html From 8018d3d86adad6a1d9625b640f31d8900d7b9428 Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Fri, 22 Sep 2023 14:30:04 +0200 Subject: [PATCH 22/24] Add changelog fragment --- changelogs/fragments/migrate_iam_mfa_device_info.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changelogs/fragments/migrate_iam_mfa_device_info.yml diff --git a/changelogs/fragments/migrate_iam_mfa_device_info.yml b/changelogs/fragments/migrate_iam_mfa_device_info.yml new file mode 100644 index 00000000000..e2ee3133121 --- /dev/null +++ b/changelogs/fragments/migrate_iam_mfa_device_info.yml @@ -0,0 +1,4 @@ +major_changes: +- iam_mfa_device_info - The module has been migrated from the ``community.aws`` collection. + Playbooks using the Fully Qualified Collection Name for this module should be updated + to use ``amazon.aws.iam_mfa_device_info`` (https://github.com/ansible-collections/amazon.aws/pull/1761). From 76035e823e686981323c888073e5e7b469f44b40 Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Thu, 28 Sep 2023 15:19:25 +0200 Subject: [PATCH 23/24] Use the amazon.aws path for importing AnsibleAWSModule Signed-off-by: Alina Buzachis --- plugins/modules/iam_mfa_device_info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 6b81f03d162..6916d60d060 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -64,7 +64,7 @@ from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict -from ansible_collections.community.aws.plugins.module_utils.modules import AnsibleCommunityAWSModule as AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule def list_mfa_devices(connection, module): From 26563186347d06a458c40c358a525d8ad48650c3 Mon Sep 17 00:00:00 2001 From: Alina Buzachis Date: Mon, 2 Oct 2023 16:37:30 +0200 Subject: [PATCH 24/24] Update meta/runtime.yml Signed-off-by: Alina Buzachis --- meta/runtime.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/runtime.yml b/meta/runtime.yml index 5de91ba3046..dc35a8ec4d2 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -72,6 +72,7 @@ action_groups: - iam_instance_profile - iam_instance_profile_info - iam_managed_policy + - iam_mfa_device_info - iam_policy - iam_policy_info - iam_role @@ -106,7 +107,6 @@ action_groups: - s3_bucket - s3_object - s3_object_info - - iam_mfa_device_info plugin_routing: action: aws_s3: