Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Policies for rds_option_group management #144

Merged
merged 5 commits into from
May 6, 2021

Conversation

alinabuzachis
Copy link
Collaborator

Add policies for new modules - rds_option_group and rds_option_group_info ansible-collections/community.aws#517

Copy link
Collaborator

@jillr jillr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @alinabuzachis. The permissions look good and your tests pass (after adding the module names to meta/runtime.yml) but you'll also need to add a terminator class for RdsOptionGroup to aws/terminator/data_services.py. It looks like describe_option_group doesn't provide a created_at timestamp, so you'll need to subclass DbTerminator (the way RdsDbParameterGroup is) instead of Terminator. That tells the terminator to store a record of the first time it saw a resource in its own database so it knows when to expire something.

I also found that RDS creates a default option group for each DB type the first time you make one, that can not be deleted. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithOptionGroups.html So you'll need to add an ignore parameter to the new class for option names that start with default:, kind of like how these policies are ignored for IAM:
https://github.com/mattclay/aws-terminator/blob/master/aws/terminator/security_services.py#L25

@alinabuzachis
Copy link
Collaborator Author

alinabuzachis commented Apr 23, 2021

Thanks @alinabuzachis. The permissions look good and your tests pass (after adding the module names to meta/runtime.yml) but you'll also need to add a terminator class for RdsOptionGroup to aws/terminator/data_services.py. It looks like describe_option_group doesn't provide a created_at timestamp, so you'll need to subclass DbTerminator (the way RdsDbParameterGroup is) instead of Terminator. That tells the terminator to store a record of the first time it saw a resource in its own database so it knows when to expire something.

I also found that RDS creates a default option group for each DB type the first time you make one, that can not be deleted. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithOptionGroups.html So you'll need to add an ignore parameter to the new class for option names that start with default:, kind of like how these policies are ignored for IAM:
https://github.com/mattclay/aws-terminator/blob/master/aws/terminator/security_services.py#L25

@jillr Thank you very much for explaining. I tried to add the RdsOptionGroup class.

@alinabuzachis alinabuzachis force-pushed the rds_option_group_policies branch from dd9c123 to 88342a9 Compare April 23, 2021 13:58
@alinabuzachis alinabuzachis force-pushed the rds_option_group_policies branch from 88342a9 to 1ffe766 Compare April 26, 2021 11:58
Signed-off-by: Alina Buzachis <[email protected]>
@alinabuzachis alinabuzachis force-pushed the rds_option_group_policies branch from 1ffe766 to e53bf89 Compare April 26, 2021 13:51

@property
def ignore(self):
return not self.name.startswith('default')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
return not self.name.startswith('default')
return self.name.startswith('default')

This one is a little confusing because it's kind of a double negative (I had to experiment with it a bit myself). This function returns a list of things to be ignored, not a list of things that excludes what to ignore. So we want to return only those things which start with default.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, done. Thank you.

Copy link
Collaborator

@jillr jillr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

resolved the merge conflict, LGTM

@jillr jillr merged commit 6ac808a into mattclay:master May 6, 2021
ansible-zuul bot pushed a commit to ansible-collections/community.aws that referenced this pull request Oct 25, 2021
rds_option_group (_info) new modules

SUMMARY

Attempt to resurrect ansible/ansible#25290
Fixes: #463

ISSUE TYPE


New Module Pull Request

COMPONENT NAME

rds_option_group
rds_option_group_info
Requires: mattclay/aws-terminator#144

Reviewed-by: Mark Chappell <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
alinabuzachis added a commit to alinabuzachis/amazon.aws that referenced this pull request Sep 22, 2022
rds_option_group (_info) new modules

SUMMARY

Attempt to resurrect ansible/ansible#25290
Fixes: ansible-collections#463

ISSUE TYPE

New Module Pull Request

COMPONENT NAME

rds_option_group
rds_option_group_info
Requires: mattclay/aws-terminator#144

Reviewed-by: Mark Chappell <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>

This commit was initially merged in https://github.com/ansible-collections/community.aws
See: ansible-collections/community.aws@142836b
goneri pushed a commit to alinabuzachis/amazon.aws that referenced this pull request Sep 23, 2022
rds_option_group (_info) new modules

SUMMARY

Attempt to resurrect ansible/ansible#25290
Fixes: ansible-collections#463

ISSUE TYPE

New Module Pull Request

COMPONENT NAME

rds_option_group
rds_option_group_info
Requires: mattclay/aws-terminator#144

Reviewed-by: Mark Chappell <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>

This commit was initially merged in https://github.com/ansible-collections/community.aws
See: ansible-collections/community.aws@142836b
abikouo pushed a commit to abikouo/amazon.aws that referenced this pull request Sep 18, 2023
rds_option_group (_info) new modules

SUMMARY

Attempt to resurrect ansible/ansible#25290
Fixes: ansible-collections#463

ISSUE TYPE


New Module Pull Request

COMPONENT NAME

rds_option_group
rds_option_group_info
Requires: mattclay/aws-terminator#144

Reviewed-by: Mark Chappell <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
abikouo pushed a commit to abikouo/amazon.aws that referenced this pull request Sep 18, 2023
rds_option_group (_info) new modules

SUMMARY

Attempt to resurrect ansible/ansible#25290
Fixes: ansible-collections#463

ISSUE TYPE


New Module Pull Request

COMPONENT NAME

rds_option_group
rds_option_group_info
Requires: mattclay/aws-terminator#144

Reviewed-by: Mark Chappell <None>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants