ec2_instance: add missing metadata_options parameters #715

Merged
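--- a/changelogs/fragments/715-ec2-instance-metadata-options.yml
+++ b/changelogs/fragments/715-ec2-instance-metadata-options.yml
@@ -0,0 +1,2 @@
+minor_changes:
+- ec2_instance - Add missing ``metadata_options`` parameters (https://github.com/ansible-collections/amazon.aws/pull/715).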
55 changes: 52 additions & 3 deletions plugins/modules/ec2_instance.py
Expand Up @@ -321,6 +321,29 @@
choices: [optional, required]
default: optional
type: str
http_put_response_hop_limit:
version_added: 3.2.0
type: int
description: >
The desired HTTP PUT response hop limit for instance metadata requests.
The larger the number, the further instance metadata requests can travel.
default: 1
http_protocol_ipv6:
version_added: 3.2.0
type: str
description: >
- Wether the instance metadata endpoint is available via IPv6 (C(enabled)) or not (C(disabled)).
- Requires botocore >= 1.21.29
choices: [enabled, disabled]
default: 'disabled'
instance_metadata_tags:
version_added: 3.2.0
type: str
description:
- Wether the instance tags are availble (C(enabled)) via metadata endpoint or not (C(disabled)).
- Requires botocore >= 1.23.30
choices: [enabled, disabled]
default: 'disabled'

extends_documentation_fragment:
- amazon.aws.aws
Expand Down Expand Up @@ -1268,6 +1291,25 @@ def build_top_level_options(params):
'metadata_options').get('http_endpoint')
spec['MetadataOptions']['HttpTokens'] = params.get(
'metadata_options').get('http_tokens')
spec['MetadataOptions']['HttpPutResponseHopLimit'] = params.get(
'metadata_options').get('http_put_response_hop_limit')

if not module.botocore_at_least('1.23.30'):
# fail only if enabled is requested
if params.get('metadata_options').get('instance_metadata_tags') == 'enabled':
module.require_botocore_at_least('1.23.30', reason='to set instance_metadata_tags')
else:
spec['MetadataOptions']['InstanceMetadataTags'] = params.get(
'metadata_options').get('instance_metadata_tags')

if not module.botocore_at_least('1.21.29'):
# fail only if enabled is requested
if params.get('metadata_options').get('http_protocol_ipv6') == 'enabled':
module.require_botocore_at_least('1.21.29', reason='to set http_protocol_ipv6')
else:
spec['MetadataOptions']['HttpProtocolIpv6'] = params.get(
'metadata_options').get('http_protocol_ipv6')

return spec


Expand Down Expand Up @@ -1954,9 +1996,16 @@ def main():
instance_ids=dict(default=[], type='list', elements='str'),
network=dict(default=None, type='dict'),
volumes=dict(default=None, type='list', elements='dict'),
metadata_options=dict(type='dict', options=dict(
http_endpoint=dict(type='str', choices=['enabled', 'disabled'], default='enabled'),
http_tokens=dict(type='str', choices=['optional', 'required'], default='optional'))),
metadata_options=dict(
type='dict',
options=dict(
http_endpoint=dict(choices=['enabled', 'disabled'], default='enabled'),
http_put_response_hop_limit=dict(type='int', default=1),
http_tokens=dict(choices=['optional', 'required'], default='optional'),
http_protocol_ipv6=dict(choices=['disabled', 'enabled'], default='disabled'),
instance_metadata_tags=dict(choices=['disabled', 'enabled'], default='disabled'),
)
),
)
# running/present are synonyms
# as are terminated/absent
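Review bot: `http_put_response_hop_limit` is declared as a bare `type='int'` in the `metadata_options` argument spec in `main()` and copied unchanged into `spec['MetadataOptions']['HttpPutResponseHopLimit']` in `build_top_level_options`, so an out-of-range value is rejected only by the EC2 API at launch time; EC2 accepts 1 through 64. I would state that range in the option's description and add that a value above 1 lets the session-token response travel past the instance itself (for example to containers or to a host that forwards requests), and that the limit only constrains IMDSv2 token requests, so it gives no protection while `http_tokens` is left at its `optional` default, e.g. `Valid values are 1 to 64; keep the default of 1 unless a containerised workload on the instance needs the metadata service.` In the same DOCUMENTATION hunk, `http_protocol_ipv6` uses `description: >` followed by `- ` items, which folds into one string with literal dashes, whereas `instance_metadata_tags` uses a plain list, and both descriptions misspell `Whether` (the second also `available`). Both functions begin and end outside the visible hunks, so the enclosing guard on `metadata_options` could not be checked.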
3 changes: 3 additions & 0 deletions tests/integration/targets/ec2_instance/meta/main.yml
Expand Up @@ -2,3 +2,6 @@
dependencies:
- role: prepare_tests
- role: setup_ec2_facts
- role: setup_botocore_pip
vars:
boto3_version: "1.20.30"
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
dependencies:
- role: prepare_tests
- role: setup_ec2_facts
- role: setup_botocore_pip
vars:
boto3_version: "1.20.30"
collections:
- amazon.aws
Original file line number Diff line number Diff line change
@@ -1,4 +1,33 @@
- block:
- name: test with boto3 version that does not support instance_metadata_tags
block:
- name: "fail create t3.nano instance with metadata_options"
ec2_instance:
state: present
name: "{{ resource_prefix }}-test-t3nano-enabled-required"
image_id: "{{ ec2_ami_id }}"
tags:
TestId: "{{ ec2_instance_tag_TestId }}"
vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}"
instance_type: t3.nano
metadata_options:
http_endpoint: enabled
http_tokens: required
instance_metadata_tags: enabled
wait: false
ignore_errors: yes
register: instance_creation

- name: verify fail instance with metadata_options because insufficient boto3 requirements
assert:
that:
- instance_creation is failed
- instance_creation is not changed
- "'This is required to set instance_metadata_tags' in instance_creation.msg"

- name: test with boto3 version that supports instance_metadata_tags
vars:
ansible_python_interpreter: "{{ botocore_virtualenv_interpreter }}"
block:
- name: "create t3.nano instance with metadata_options"
ec2_instance:
state: present
Expand All @@ -11,6 +40,7 @@
metadata_options:
http_endpoint: enabled
http_tokens: required
instance_metadata_tags: enabled
wait: false
register: instance_creation

Expand All @@ -21,6 +51,7 @@
- instance_creation is changed
- "'{{ instance_creation.spec.MetadataOptions.HttpEndpoint }}' == 'enabled'"
- "'{{ instance_creation.spec.MetadataOptions.HttpTokens }}' == 'required'"
- "'{{ instance_creation.spec.MetadataOptions.InstanceMetadataTags }}' == 'enabled'"

- name: "modify metadata_options on existing instance"
ec2_instance:
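Review bot: The negative case in the first block (`fail create t3.nano instance with metadata_options`) carries no `ansible_python_interpreter` override, so it depends on the default interpreter shipping a botocore older than 1.23.30, and nothing in this hunk pins or asserts that. If the test host is upgraded, the task will launch a real instance with `wait: false`, and the problem will surface only as a failed `instance_creation is failed` assertion. Pinning the older version explicitly for that block, or asserting the botocore version before the task runs, would make the precondition visible. The visible hunks also assert only `InstanceMetadataTags`; `http_put_response_hop_limit` and `http_protocol_ipv6` (with its separate 1.21.29 gate) have no assertion here, though the file continues outside the hunks shown.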