-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terminator policies for CloudFront modules #245
Conversation
251ccf6
to
66feed4
Compare
Could you add the link in the description to the PR in the amazon collection that this change is for? |
PR has been updated accordingly |
66feed4
to
a571e55
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies I missed some of this on my previous look.
The policies are in paas.yml but the terminator class is in application-services.py - these should be in the same grouping in both places to avoid confusion.
There may be a bug in the plugin code, the integration tests fail at:
TASK [cloudfront_distribution : Update the distribution with tags] **************************************************************************************************************************************************************************
task path: /root/ansible_collections/community/aws/tests/output/.tmp/integration/cloudfront_distribution-5u0dnd61-ÅÑŚÌβŁÈ/tests/integration/targets/cloudfront_distribution/tasks/main.yml:34
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: get_distribution() got an unexpected keyword argument 'id'
fatal: [testhost]: FAILED! => {"boto3_version": "1.18.0", "botocore_version": "1.21.0", "changed": false, "msg": "Error validating distribution_id from alias, aliases and caller reference: get_distribution() got an unexpected keyword argument 'id'", "resource_actions": []}
I have the policies deployed to the dev area of the CI account (with all of the policies moved to a ResourceUnrestricted Sid for the sake of testing). You can test your PR locally against the CI account like ansible-test integration -vv cloudfront_distribution --remote-stage dev --docker
with the deployed dev policy. We can figure out the resource restrictions in another iteration.
dff8a3e
to
d2cc744
Compare
5e2d736
to
3ae9d94
Compare
Needed for PR ansible-collections/community.aws#1596