mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-23 13:20:23 -07:00
* Defaults to creating the instance profile to preserve current behaviour
parent
b107635aeb
commit
71510aa67a
1 changed files with 24 additions and 15 deletions
|
@ -57,6 +57,12 @@ options:
|
||||||
- Create or remove the IAM role
|
- Create or remove the IAM role
|
||||||
required: true
|
required: true
|
||||||
choices: [ 'present', 'absent' ]
|
choices: [ 'present', 'absent' ]
|
||||||
|
create_instance_profile:
|
||||||
|
description:
|
||||||
|
- Creates an IAM instance profile along with the role
|
||||||
|
type: bool
|
||||||
|
default: true
|
||||||
|
version_added: 2.5
|
||||||
requirements: [ botocore, boto3 ]
|
requirements: [ botocore, boto3 ]
|
||||||
extends_documentation_fragment:
|
extends_documentation_fragment:
|
||||||
- aws
|
- aws
|
||||||
|
@ -217,6 +223,7 @@ def create_or_update_role(connection, module):
|
||||||
if module.params.get('description') is not None:
|
if module.params.get('description') is not None:
|
||||||
params['Description'] = module.params.get('description')
|
params['Description'] = module.params.get('description')
|
||||||
managed_policies = module.params.get('managed_policy')
|
managed_policies = module.params.get('managed_policy')
|
||||||
|
create_instance_profile = module.params.get('create_instance_profile')
|
||||||
if managed_policies:
|
if managed_policies:
|
||||||
managed_policies = convert_friendly_names_to_arns(connection, module, managed_policies)
|
managed_policies = convert_friendly_names_to_arns(connection, module, managed_policies)
|
||||||
changed = False
|
changed = False
|
||||||
|
@ -275,22 +282,23 @@ def create_or_update_role(connection, module):
|
||||||
changed = True
|
changed = True
|
||||||
|
|
||||||
# Instance profile
|
# Instance profile
|
||||||
try:
|
if create_instance_profile:
|
||||||
instance_profiles = connection.list_instance_profiles_for_role(RoleName=params['RoleName'])['InstanceProfiles']
|
|
||||||
except ClientError as e:
|
|
||||||
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
|
|
||||||
if not any(p['InstanceProfileName'] == params['RoleName'] for p in instance_profiles):
|
|
||||||
# Make sure an instance profile is attached
|
|
||||||
try:
|
try:
|
||||||
connection.create_instance_profile(InstanceProfileName=params['RoleName'], Path=params['Path'])
|
instance_profiles = connection.list_instance_profiles_for_role(RoleName=params['RoleName'])['InstanceProfiles']
|
||||||
changed = True
|
|
||||||
except ClientError as e:
|
except ClientError as e:
|
||||||
# If the profile already exists, no problem, move on
|
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
|
||||||
if e.response['Error']['Code'] == 'EntityAlreadyExists':
|
if not any(p['InstanceProfileName'] == params['RoleName'] for p in instance_profiles):
|
||||||
pass
|
# Make sure an instance profile is attached
|
||||||
else:
|
try:
|
||||||
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
|
connection.create_instance_profile(InstanceProfileName=params['RoleName'], Path=params['Path'])
|
||||||
connection.add_role_to_instance_profile(InstanceProfileName=params['RoleName'], RoleName=params['RoleName'])
|
changed = True
|
||||||
|
except ClientError as e:
|
||||||
|
# If the profile already exists, no problem, move on
|
||||||
|
if e.response['Error']['Code'] == 'EntityAlreadyExists':
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
|
||||||
|
connection.add_role_to_instance_profile(InstanceProfileName=params['RoleName'], RoleName=params['RoleName'])
|
||||||
|
|
||||||
# Get the role again
|
# Get the role again
|
||||||
role = get_role(connection, module, params['RoleName'])
|
role = get_role(connection, module, params['RoleName'])
|
||||||
|
@ -369,7 +377,8 @@ def main():
|
||||||
assume_role_policy_document=dict(type='json'),
|
assume_role_policy_document=dict(type='json'),
|
||||||
managed_policy=dict(type='list', aliases=['managed_policies']),
|
managed_policy=dict(type='list', aliases=['managed_policies']),
|
||||||
state=dict(choices=['present', 'absent'], required=True),
|
state=dict(choices=['present', 'absent'], required=True),
|
||||||
description=dict(required=False, type='str')
|
description=dict(required=False, type='str'),
|
||||||
|
create_instance_profile=dict(type='bool', default=True)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
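Review bot: In the `@ -275,22 +282,23` hunk, `connection.add_role_to_instance_profile(...)` is still called outside any `try`, so a `ClientError` there (for example when a profile of that name already holds a different role) escapes as a raw traceback instead of going through `module.fail_json`. It also runs after the `EntityAlreadyExists` branch, so the role can be attached to a pre-existing instance profile this task did not create while `changed` stays `False`, which silently widens what anything already using that profile is allowed to do. Wrapping the call and setting `changed = True` on success, as below, makes both outcomes visible in the task result. The option text in the first hunk should also state that `create_instance_profile: false` only skips creation and does not detach or delete a profile that already exists. Indentation is lost on this page, so the nesting shown is inferred, and `create_or_update_role` continues outside the hunk.

```python
    if create_instance_profile:
        # … unchanged: list_instance_profiles_for_role lookup …
        if not any(p['InstanceProfileName'] == params['RoleName'] for p in instance_profiles):
            # … unchanged: create_instance_profile try/except with EntityAlreadyExists handling …
            try:
                connection.add_role_to_instance_profile(InstanceProfileName=params['RoleName'], RoleName=params['RoleName'])
                # Attaching the role is a change even when the profile itself already existed
                changed = True
            except ClientError as e:
                module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
```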