-
Notifications
You must be signed in to change notification settings - Fork 398
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[PR #876/a1c35a14 backport][stable-5] aws_ssm connection: add support…
… for SSM document (#1659) [PR #876/a1c35a14 backport][stable-5] aws_ssm connection: add support for SSM document This is a backport of PR #876 as merged into main (a1c35a1). SUMMARY This PR adds support for SSM document to the SSM connection plugin. ISSUE TYPE Feature Pull Request COMPONENT NAME community.aws.aws_ssm ADDITIONAL INFORMATION The new document parameters is directly forwarded to the SSM start_session method. Usage: - name: Install a Nginx Package vars: ansible_connection: aws_ssm ansible_aws_ssm_bucket_name: nameofthebucket ansible_aws_ssm_region: us-west-2 ansible_aws_ssm_document: nameofthecustomdocument tasks: - name: Install a Nginx Package yum: name: nginx state: present Reviewed-by: Mark Chappell <None>
- Loading branch information
1 parent
3dd0068
commit f7cb171
Showing
15 changed files
with
151 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
minor_changes: | ||
- aws_ssm_connection - add support for custom SSM document (https://github.com/ansible-collections/community.aws/pull/876) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 4 additions & 0 deletions
4
tests/integration/targets/connection_aws_ssm_ssm_document/aliases
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
time=20m | ||
|
||
cloud/aws | ||
connection_aws_ssm |
6 changes: 6 additions & 0 deletions
6
tests/integration/targets/connection_aws_ssm_ssm_document/aws_ssm_integration_test_setup.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
- hosts: localhost | ||
roles: | ||
- role: ../setup_connection_aws_ssm | ||
vars: | ||
target_os: fedora | ||
use_ssm_document: True |
5 changes: 5 additions & 0 deletions
5
...integration/targets/connection_aws_ssm_ssm_document/aws_ssm_integration_test_teardown.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
- hosts: localhost | ||
tasks: | ||
- include_role: | ||
name: ../setup_connection_aws_ssm | ||
tasks_from: cleanup.yml |
3 changes: 3 additions & 0 deletions
3
tests/integration/targets/connection_aws_ssm_ssm_document/meta/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
dependencies: | ||
- connection | ||
- setup_connection_aws_ssm |
31 changes: 31 additions & 0 deletions
31
tests/integration/targets/connection_aws_ssm_ssm_document/runme.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
#!/usr/bin/env bash | ||
|
||
PLAYBOOK_DIR=$(pwd) | ||
set -eux | ||
|
||
CMD_ARGS=("$@") | ||
|
||
# Destroy Environment | ||
cleanup() { | ||
|
||
cd "${PLAYBOOK_DIR}" | ||
ansible-playbook -c local aws_ssm_integration_test_teardown.yml "${CMD_ARGS[@]}" | ||
|
||
} | ||
|
||
trap "cleanup" EXIT | ||
|
||
# Setup Environment | ||
ansible-playbook -c local aws_ssm_integration_test_setup.yml "$@" | ||
|
||
# Export the AWS Keys | ||
set +x | ||
. ./aws-env-vars.sh | ||
set -x | ||
|
||
cd ../connection | ||
|
||
# Execute Integration tests | ||
INVENTORY="${PLAYBOOK_DIR}/ssm_inventory" ./test.sh \ | ||
-e target_hosts=aws_ssm \ | ||
"$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
15 changes: 15 additions & 0 deletions
15
tests/integration/targets/setup_connection_aws_ssm/files/ssm-document.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
{ | ||
"schemaVersion": "1.0", | ||
"description": "Custom SSM document", | ||
"sessionType": "Standard_Stream", | ||
"inputs": { | ||
"s3EncryptionEnabled": false, | ||
"cloudWatchLogGroupName": "", | ||
"cloudWatchEncryptionEnabled": false, | ||
"idleSessionTimeout": "20", | ||
"cloudWatchStreamingEnabled": false, | ||
"kmsKeyId": "", | ||
"runAsEnabled": false, | ||
"runAsDefaultUser": "" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
14 changes: 14 additions & 0 deletions
14
tests/integration/targets/setup_connection_aws_ssm/tasks/connection_args.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
--- | ||
- set_fact: | ||
# As a lookup plugin we don't have access to module_defaults | ||
connection_args: | ||
region: "{{ aws_region }}" | ||
aws_access_key: "{{ aws_access_key }}" | ||
aws_secret_key: "{{ aws_secret_key }}" | ||
aws_security_token: "{{ security_token | default(omit) }}" | ||
connection_env: | ||
AWS_DEFAULT_REGION: "{{ aws_region }}" | ||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}" | ||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}" | ||
AWS_SESSION_TOKEN: "{{ security_token | default(omit) }}" | ||
no_log: True |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 11 additions & 0 deletions
11
tests/integration/targets/setup_connection_aws_ssm/tasks/ssm_document.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- | ||
- block: | ||
- name: Create custom SSM document | ||
command: "aws ssm create-document --content file://{{ role_path }}/files/ssm-document.json --name {{ ssm_document_name }} --document-type Session" | ||
environment: "{{ connection_env }}" | ||
always: | ||
- name: Create SSM vars_to_delete.yml | ||
template: | ||
dest: "{{ playbook_dir }}/ssm_vars_to_delete.yml" | ||
src: ssm_vars_to_delete.yml.j2 | ||
ignore_errors: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 2 additions & 0 deletions
2
tests/integration/targets/setup_connection_aws_ssm/templates/ssm_vars_to_delete.yml.j2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
ssm_document_name: {{ ssm_document_name }} |