diff --git a/changelogs/fragments/1771-remote-access.yml b/changelogs/fragments/1771-remote-access.yml new file mode 100644 index 00000000000..6375fc12c6f --- /dev/null +++ b/changelogs/fragments/1771-remote-access.yml @@ -0,0 +1,2 @@ +bugfixes: + - eks_nodegroup - fix parameter options of ``remote_access`` (https://github.com/ansible-collections/community.aws/issues/1771). diff --git a/plugins/modules/eks_nodegroup.py b/plugins/modules/eks_nodegroup.py index 8528cc8a488..f6ce192c96c 100644 --- a/plugins/modules/eks_nodegroup.py +++ b/plugins/modules/eks_nodegroup.py @@ -515,7 +515,11 @@ def create_or_update_nodegroups(client, module): if module.params['release_version'] is not None: params['releaseVersion'] = module.params['release_version'] if module.params['remote_access'] is not None: - params['remoteAccess'] = module.params['remote_access'] + params['remoteAccess'] = dict() + if module.params['remote_access']['ec2_ssh_key'] is not None: + params['remoteAccess']['ec2SshKey'] = module.params['remote_access']['ec2_ssh_key'] + if module.params['remote_access']['source_sg'] is not None: + params['remoteAccess']['sourceSecurityGroups'] = module.params['remote_access']['source_sg'] if module.params['capacity_type'] is not None: params['capacityType'] = module.params['capacity_type'].upper() if module.params['labels'] is not None: diff --git a/tests/integration/targets/eks_nodegroup/tasks/cleanup.yml b/tests/integration/targets/eks_nodegroup/tasks/cleanup.yml index 0b1ad4d0817..ff841f0f5ec 100644 --- a/tests/integration/targets/eks_nodegroup/tasks/cleanup.yml +++ b/tests/integration/targets/eks_nodegroup/tasks/cleanup.yml @@ -37,6 +37,19 @@ with_items: '{{ eks_security_groups|reverse|list + additional_eks_sg }}' ignore_errors: 'yes' +- name: Delete securitygroup for node access + amazon.aws.ec2_security_group: + name: 'ansible-test-eks_nodegroup' + description: "SSH access" + vpc_id: '{{ setup_vpc.vpc.id }}' + rules: [] + state: absent + +- name: Delete Keypair for Access to Nodegroup nodes + amazon.aws.ec2_key: + name: "ansible-test-eks_nodegroup" + state: absent + - name: remove Route Tables ec2_vpc_route_table: state: absent diff --git a/tests/integration/targets/eks_nodegroup/tasks/dependecies.yml b/tests/integration/targets/eks_nodegroup/tasks/dependecies.yml index aa8141b8537..dd6efd27af6 100644 --- a/tests/integration/targets/eks_nodegroup/tasks/dependecies.yml +++ b/tests/integration/targets/eks_nodegroup/tasks/dependecies.yml @@ -106,3 +106,20 @@ default_version: 1 instance_type: t3.micro register: lt + +- name: Create securitygroup for node access + amazon.aws.ec2_security_group: + name: 'ansible-test-eks_nodegroup' + description: "SSH access" + vpc_id: '{{ setup_vpc.vpc.id }}' + rules: + - proto: tcp + ports: + - 22 + cidr_ip: 0.0.0.0/0 + register: securitygroup_eks_nodegroup + +- name: Create Keypair for Access to Nodegroup nodes + amazon.aws.ec2_key: + name: "ansible-test-eks_nodegroup" + register: ec2_key_eks_nodegroup diff --git a/tests/integration/targets/eks_nodegroup/tasks/full_test.yml b/tests/integration/targets/eks_nodegroup/tasks/full_test.yml index 6c23bd70a86..dcb35d2d1e9 100644 --- a/tests/integration/targets/eks_nodegroup/tasks/full_test.yml +++ b/tests/integration/targets/eks_nodegroup/tasks/full_test.yml @@ -80,6 +80,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result check_mode: True @@ -114,6 +118,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result @@ -147,6 +155,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result check_mode: True @@ -181,6 +193,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result check_mode: True @@ -255,6 +271,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result check_mode: True @@ -289,6 +309,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result @@ -322,6 +346,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result check_mode: True @@ -356,6 +384,10 @@ capacity_type: 'SPOT' tags: 'foo': 'bar' + remote_access: + ec2_ssh_key: "{{ ec2_key_eks_nodegroup.key.name }}" + source_sg: + - "{{ securitygroup_eks_nodegroup.group_id }}" wait: True register: eks_nodegroup_result