From 4376b08322570871456f6c3d65d2affc36e765a0 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Tue, 12 Jan 2021 17:30:41 +0100 Subject: [PATCH 01/12] Return all infos of a VPC peering connection in ec2_vpc_peer module. --- plugins/modules/ec2_vpc_peer.py | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 9c5d35349eb..9aa671fce86 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -216,8 +216,13 @@ ''' RETURN = ''' -task: - description: The result of the create, accept, reject or delete action. +peering_id: + description: The id of the VPC peering connection created/deleted. + returned: always + type: str + sample: pcx-034223d7c0aec3cde +vpc_peering_connection: + description: The details of the VPC peering connection as returned by Boto3 (snake cased). returned: success type: dict ''' @@ -231,6 +236,7 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def wait_for_state(client, module, state, pcx_id): @@ -283,6 +289,7 @@ def describe_peering_connections(params, client): aws_retry=True, Filters=ansible_dict_to_boto3_filter_list(peer_filter), ) + return result 
@@ -311,9 +318,9 @@ def create_peer_connection(client, module): if tags_changed(pcx_id, client, module): changed = True if is_active(peering_conn): - return (changed, peering_conn['VpcPeeringConnectionId']) + return (changed, peering_conn) if is_pending(peering_conn): - return (changed, peering_conn['VpcPeeringConnectionId']) + return (changed, peering_conn) try: peering_conn = client.create_vpc_peering_connection(aws_retry=True, **params) pcx_id = peering_conn['VpcPeeringConnection']['VpcPeeringConnectionId'] @@ -322,7 +329,7 @@ def create_peer_connection(client, module): if module.params.get('tags'): create_tags(pcx_id, client, module) changed = True - return (changed, peering_conn['VpcPeeringConnection']['VpcPeeringConnectionId']) + return (changed, peering_conn) except botocore.exceptions.ClientError as e: module.fail_json(msg=str(e)) @@ -356,7 +363,7 @@ def remove_peer_connection(client, module): client.delete_vpc_peering_connection(aws_retry=True, **params) if module.params.get('wait'): wait_for_state(client, module, 'deleted', pcx_id) - module.exit_json(changed=True) + module.exit_json(changed=True, peering_id=pcx_id) except botocore.exceptions.ClientError as e: module.fail_json(msg=str(e)) @@ -388,15 +395,16 @@ def accept_reject(state, client, module): client.reject_vpc_peering_connection(aws_retry=True, **params) target_state = 'rejected' if module.params.get('tags'): - create_tags(params['VpcPeeringConnectionId'], client, module) + create_tags(peering_id, client, module) changed = True if module.params.get('wait'): wait_for_state(client, module, target_state, pcx_id) except botocore.exceptions.ClientError as e: module.fail_json(msg=str(e)) - if tags_changed(params['VpcPeeringConnectionId'], client, module): + if tags_changed(peering_id, client, module): changed = True - return changed, params['VpcPeeringConnectionId'] + + return (changed, vpc_peering_connection) def load_tags(module): 
@@ -460,7 +468,6 @@ def main(): if state == 'present': (changed, results) = create_peer_connection(client, module) - module.exit_json(changed=changed, peering_id=results) elif state == 'absent': if not peering_id and (not vpc_id or not peer_vpc_id): module.fail_json(msg='state is absent but one of the following is missing: peering_id or [vpc_id, peer_vpc_id]') @@ -468,8 +475,9 @@ def main(): remove_peer_connection(client, module) else: (changed, results) = accept_reject(state, client, module) - module.exit_json(changed=changed, peering_id=results) + formatted_results = camel_dict_to_snake_dict(results) + module.exit_json(changed=changed, vpc_peering_connection=formatted_results, peering_id=results['VpcPeeringConnectionId']) if __name__ == '__main__': main() From b2b10fef322cd31b70f0c650d0b0c0389b33da79 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 11:22:15 +0200 Subject: [PATCH 02/12] Rebased on latest main and resolved some git conflicts --- plugins/modules/ec2_vpc_peer.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 9aa671fce86..b5169523bc2 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -383,9 +383,11 @@ def peer_status(client, module): def accept_reject(state, client, module): changed = False params = dict() - pcx_id = module.params.get('peering_id') - params['VpcPeeringConnectionId'] = pcx_id + peering_id = module.params.get('peering_id') + params['VpcPeeringConnectionId'] = peering_id + vpc_peering_connection = find_pcx_by_id(peering_id, client, module)['VpcPeeringConnections'][0] current_state = peer_status(client, module) + if current_state not in ['active', 'rejected']: try: if state == 'accept': 
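Review bot: In `main`, the `state == 'absent'` branch now falls through to the shared `camel_dict_to_snake_dict(results)` and `module.exit_json(...)` lines without ever binding `changed` or `results`. That is only correct while every path in `remove_peer_connection` ends in `exit_json` or `fail_json`, and nothing in the hunk states that contract. I would add a comment on the call, for example `# remove_peer_connection() never returns: every path ends in exit_json/fail_json`, or have it return `(changed, results)` like the other two helpers. `main` starts and ends outside these hunks.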
@@ -398,7 +400,7 @@ def accept_reject(state, client, module): create_tags(peering_id, client, module) changed = True if module.params.get('wait'): - wait_for_state(client, module, target_state, pcx_id) + wait_for_state(client, module, target_state, peering_id) except botocore.exceptions.ClientError as e: module.fail_json(msg=str(e)) if tags_changed(peering_id, client, module): @@ -477,6 +479,10 @@ def main(): (changed, results) = accept_reject(state, client, module) formatted_results = camel_dict_to_snake_dict(results) + # Turn the boto3 result in to ansible friendly tag dictionary + for peer in formatted_results: + peer['tags'] = boto3_tag_list_to_ansible_dict(peer.get('tags', [])) + module.exit_json(changed=changed, vpc_peering_connection=formatted_results, peering_id=results['VpcPeeringConnectionId']) if __name__ == '__main__': From 59eb455ece658326646371dd0d6219e88ef325ae Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 11:41:02 +0200 Subject: [PATCH 03/12] Bring back changes lost by rebase, improvements in peering conection retrieval --- plugins/modules/ec2_vpc_peer.py | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index b5169523bc2..6fc123e7a21 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py 
@@ -368,12 +368,12 @@ def remove_peer_connection(client, module): module.fail_json(msg=str(e)) -def peer_status(client, module): +def get_peering_connection_by_id(peering_id, client, module): params = dict() - params['VpcPeeringConnectionIds'] = [module.params.get('peering_id')] + params['VpcPeeringConnectionIds'] = peering_id try: vpc_peering_connection = client.describe_vpc_peering_connections(aws_retry=True, **params) - return vpc_peering_connection['VpcPeeringConnections'][0]['Status']['Code'] + return vpc_peering_connection['VpcPeeringConnections'][0] except is_boto3_error_code('InvalidVpcPeeringConnectionId.Malformed') as e: module.fail_json_aws(e, msg='Malformed connection ID') except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except @@ -385,10 +385,10 @@ def accept_reject(state, client, module): params = dict() peering_id = module.params.get('peering_id') params['VpcPeeringConnectionId'] = peering_id - vpc_peering_connection = find_pcx_by_id(peering_id, client, module)['VpcPeeringConnections'][0] - current_state = peer_status(client, module) + vpc_peering_connection = get_peering_connection_by_id(peering_id, client, module) + peering_status = vpc_peering_connection['Status']['Code'] - if current_state not in ['active', 'rejected']: + if peering_status not in ['active', 'rejected']: try: if state == 'accept': client.accept_vpc_peering_connection(aws_retry=True, **params) @@ -406,6 +406,8 @@ def accept_reject(state, client, module): if tags_changed(peering_id, client, module): changed = True + # Relaod peering conection infos to return latest state/params + vpc_peering_connection = get_peering_connection_by_id(peering_id, client, module) return (changed, vpc_peering_connection) From 1028dfa9e618b75352feddcd085c73de0e690624 Mon Sep 17 00:00:00 2001 
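Review bot: The reload comment in `accept_reject` is misspelled and omits the caveat a caller needs: when `wait` is not set, the second `get_peering_connection_by_id` call may run before AWS has finished the transition, so the returned `Status` can still show the earlier state. I would reword it to `# Reload the connection so the returned status and tags are current; without wait the status may still be transitional`. `get_peering_connection_by_id` also lacks a docstring; one sentence saying it returns the single `VpcPeeringConnections` entry and fails the module on a malformed ID (and presumably on any other describe error) would help, since `accept_reject` now indexes `['Status']['Code']` on its result unconditionally. Both functions extend beyond the hunks shown.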
From: Stefan Horning Date: Fri, 9 Apr 2021 11:48:21 +0200 Subject: [PATCH 04/12] Added missing import for boto3_tag_list_to_ansible_dict --- plugins/modules/ec2_vpc_peer.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 6fc123e7a21..5643f9deeb8 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -236,6 +236,7 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict From 365a3edfd56078aa652b7588e99a40f611445b28 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 12:49:40 +0200 Subject: [PATCH 05/12] Fix tagging transformation and hopefully tests --- plugins/modules/ec2_vpc_peer.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 5643f9deeb8..4bc523659db 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py 
@@ -482,11 +482,11 @@ def main(): (changed, results) = accept_reject(state, client, module) formatted_results = camel_dict_to_snake_dict(results) - # Turn the boto3 result in to ansible friendly tag dictionary - for peer in formatted_results: - peer['tags'] = boto3_tag_list_to_ansible_dict(peer.get('tags', [])) + # Turn the resource tags from boto3 into an ansible friendly tag dictionary + formatted_results['tags'] = boto3_tag_list_to_ansible_dict(formatted_results.get('tags', [])) module.exit_json(changed=changed, vpc_peering_connection=formatted_results, peering_id=results['VpcPeeringConnectionId']) + if __name__ == '__main__': main() From 19d613143dbd3a12d7f26a985b1c2244b4f5b29a Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 13:14:28 +0200 Subject: [PATCH 06/12] Fix return value as I deleted VpcPeeringConnection selector by accident --- plugins/modules/ec2_vpc_peer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 4bc523659db..38425202d9b 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -330,7 +330,7 @@ def create_peer_connection(client, module): if module.params.get('tags'): create_tags(pcx_id, client, module) changed = True - return (changed, peering_conn) + return (changed, peering_conn['VpcPeeringConnection']) except botocore.exceptions.ClientError as e: module.fail_json(msg=str(e)) From 6c59b140bf12d519dbae9445b1032f6a0981eb60 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 13:22:44 +0200 Subject: [PATCH 07/12] Hopefully fixing last issue from merging my code with latest upstream --- plugins/modules/ec2_vpc_peer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 38425202d9b..dfd218bad67 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py 
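Review bot: The created-connection return in `create_peer_connection` hands back the dict from the `create_vpc_peering_connection` response, which was captured before `create_tags` ran and presumably before any wait completed. The `vpc_peering_connection` result for a fresh connection will therefore lack the tags just applied and may show a stale status. `accept_reject` reloads the connection before returning; doing the same here keeps the two paths consistent: `return (changed, get_peering_connection_by_id(pcx_id, client, module))`. The early returns for an existing active or pending connection in the first patch's `@@ -311,9` hunk return `peering_conn` after `tags_changed` has run, so they likely have the same stale-tag problem if that helper rewrites tags. The function body starts outside the hunk.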
@@ -371,7 +371,7 @@ def remove_peer_connection(client, module): def get_peering_connection_by_id(peering_id, client, module): params = dict() - params['VpcPeeringConnectionIds'] = peering_id + params['VpcPeeringConnectionIds'] = [peering_id] try: vpc_peering_connection = client.describe_vpc_peering_connections(aws_retry=True, **params) return vpc_peering_connection['VpcPeeringConnections'][0] From c2afdda29903b28fa2c894e9f2567e64e9c4f66d Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 14:34:31 +0200 Subject: [PATCH 08/12] More extensive tests for vpc_peer module. Also got rid of redundant helper method in vpc_peer module --- plugins/modules/ec2_vpc_peer.py | 13 +++------- .../targets/ec2_vpc_peer/tasks/main.yml | 25 ++++++++++++++++--- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index dfd218bad67..358dc12af7c 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -261,9 +261,9 @@ def tags_changed(pcx_id, client, module): tags = dict() if module.params.get('tags'): tags = module.params.get('tags') - pcx = find_pcx_by_id(pcx_id, client, module) - if pcx['VpcPeeringConnections']: - pcx_values = [t.values() for t in pcx['VpcPeeringConnections'][0]['Tags']] + peering_connection = get_peering_connection_by_id(pcx_id, client, module) + if peering_connection['Tags'] + pcx_values = [t.values() for t in peering_connection['Tags'] pcx_tags = [item for sublist in pcx_values for item in sublist] tag_values = [[key, str(value)] for key, value in tags.items()] tags = [item for sublist in tag_values for item in sublist] 
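Review bot: `tags_changed` now indexes `peering_connection['Tags']` directly, which raises `KeyError` if the describe response ever omits the key for an untagged connection. `main` in this series already guards the same field with `.get('tags', [])`, so `if peering_connection.get('Tags'):` here would keep the two places consistent at no cost. Whether the API always includes `Tags` is not visible from the hunk, so treat this as a defensive change. The function continues past the end of the hunk.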
@@ -435,13 +435,6 @@ def delete_tags(pcx_id, client, module): module.fail_json(msg=str(e)) -def find_pcx_by_id(pcx_id, client, module): - try: - return client.describe_vpc_peering_connections(aws_retry=True, VpcPeeringConnectionIds=[pcx_id]) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=str(e)) - - def main(): argument_spec = dict( vpc_id=dict(), diff --git a/tests/integration/targets/ec2_vpc_peer/tasks/main.yml b/tests/integration/targets/ec2_vpc_peer/tasks/main.yml index 5d6f7851bc2..499e83c7670 100644 --- a/tests/integration/targets/ec2_vpc_peer/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_peer/tasks/main.yml @@ -65,27 +65,29 @@ set_fact: connection_name: 'Peering connection for VPC {{ vpc_1 }} to VPC {{ vpc_2 }}' - - name: Create local account VPC peering Connection + - name: Create local account VPC peering Connection request ec2_vpc_peer: vpc_id: '{{ vpc_1 }}' peer_vpc_id: '{{ vpc_2 }}' state: present tags: - Name: 'Peering connection for VPC {{ vpc_1 }} to VPC {{ vpc_2 }}' + Name: '{{ connection_name }}' register: vpc_peer + - name: Assert success assert: that: - vpc_peer is changed - vpc_peer is successful - "'peering_id' in vpc_peer" + - vpc_peer.vpc_peering_connection.requester_vpc_info.cidr_block == vpc_1_cidr - vpc_peer.peering_id.startswith('pcx-') - name: Store Connection ID set_fact: peer_id_1: '{{ vpc_peer.peering_id }}' - - name: (re-) Create local account VPC peering Connection (idempotency) + - name: (re-) Create local account VPC peering Connection request (idempotency) ec2_vpc_peer: vpc_id: '{{ vpc_1 }}' peer_vpc_id: '{{ vpc_2 }}' @@ -93,6 +95,7 @@ tags: Name: '{{ connection_name }}' register: vpc_peer + - name: Assert success assert: that: 
@@ -100,6 +103,22 @@ - vpc_peer is successful - vpc_peer.peering_id == peer_id_1 + - name: Accespt local VPC peering connection from destination VPC + ec2_vpc_peer: + peering_id: '{{ vpc_peer.peering_id }}' + state: accept + tags: + Name: '{{ connection_name }}' + register: vpc_peer_accept + + - name: Assert success + assert: + tath: + - vpc_peer_accept is successful + - vpc_peer_accept is changed + - vpc_peer_accept.peering_id == vpc_peer.peering_id + - vpc_peer_accept.vpc_peering_connection.accepter_vpc_info.cidr_block == vpc_2_cidr + - name: Get details on specific VPC peer ec2_vpc_peering_info: peer_connection_ids: From 0ae786b749396f7858cbc275a8ab4ec8d9a74be2 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 14:51:01 +0200 Subject: [PATCH 09/12] Syntax fix. Refactorings for ec2_vpc_peer module. --- plugins/modules/ec2_vpc_peer.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 358dc12af7c..45a904e7ed2 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -262,7 +262,7 @@ def tags_changed(pcx_id, client, module): if module.params.get('tags'): tags = module.params.get('tags') peering_connection = get_peering_connection_by_id(pcx_id, client, module) - if peering_connection['Tags'] + if peering_connection['Tags']: pcx_values = [t.values() for t in peering_connection['Tags'] pcx_tags = [item for sublist in pcx_values for item in sublist] tag_values = [[key, str(value)] for key, value in tags.items()] @@ -338,7 +338,7 @@ def create_peer_connection(client, module): def remove_peer_connection(client, module): pcx_id = module.params.get('peering_id') if pcx_id: - peering_conns = client.describe_vpc_peering_connections(aws_retry=True, VpcPeeringConnectionIds=[pcx_id]) + peering_conn = get_peering_connection_by_id(pcx_id, client, module) else: params = dict() params['VpcId'] = module.params.get('vpc_id') 
@@ -346,16 +346,16 @@ def remove_peer_connection(client, module): params['PeerRegion'] = module.params.get('peer_region') if module.params.get('peer_owner_id'): params['PeerOwnerId'] = str(module.params.get('peer_owner_id')) - peering_conns = describe_peering_connections(params, client) + peering_conn = describe_peering_connections(params, client)['VpcPeeringConnections'][0] - if not peering_conns: + if not peering_conn: module.exit_json(changed=False) else: - pcx_id = pcx_id or peering_conns['VpcPeeringConnections'][0]['VpcPeeringConnectionId'] + pcx_id = pcx_id or peering_conn['VpcPeeringConnectionId'] - if peering_conns['VpcPeeringConnections'][0]['Status']['Code'] == 'deleted': + if peering_conn[0]['Status']['Code'] == 'deleted': module.exit_json(msg='Connection in deleted state.', changed=False) - if peering_conns['VpcPeeringConnections'][0]['Status']['Code'] == 'rejected': + if peering_conn[0]['Status']['Code'] == 'rejected': module.exit_json(msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', changed=False) try: From fa0a5d6cedfd032d5cd99c72969e197f7d3cbbc3 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 16:08:16 +0200 Subject: [PATCH 10/12] Changelog fragment, more return docs, remove leftover from refactoring --- .../355-ec2_vpc_peer_improvements.yml | 2 ++ plugins/modules/ec2_vpc_peer.py | 18 +++++++++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/355-ec2_vpc_peer_improvements.yml diff --git a/changelogs/fragments/355-ec2_vpc_peer_improvements.yml b/changelogs/fragments/355-ec2_vpc_peer_improvements.yml new file mode 100644 index 00000000000..55a8410ac6e --- /dev/null +++ b/changelogs/fragments/355-ec2_vpc_peer_improvements.yml @@ -0,0 +1,2 @@ +minor_changes: +- ec2_vpc_peer - More return info added, also simplified module code a bit and extended tests (https://github.com/ansible-collections/community.aws/pull/355) 
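Review bot: In `remove_peer_connection`, the lookup by `vpc_id`/`peer_vpc_id` now takes `['VpcPeeringConnections'][0]` before the `if not peering_conn` check. An empty result therefore raises `IndexError` instead of reaching `module.exit_json(changed=False)`, and `state: absent` is not idempotent when nothing matches. Select the element only when the list is non-empty: `peering_conns = describe_peering_connections(params, client)['VpcPeeringConnections']` followed by `peering_conn = peering_conns[0] if peering_conns else None`. That no-match exit also omits `peering_id`, which the RETURN block documents as `returned: always`. The function starts before and continues after this hunk.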
diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 45a904e7ed2..73cb66d26da 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -224,7 +224,19 @@ vpc_peering_connection: description: The details of the VPC peering connection as returned by Boto3 (snake cased). returned: success - type: dict + type: complex + contains: + vpc_peering_connection_id: + type: str + sample: pcx-034223d7c0aec3cde + accepter_vpc_info: + type: dict + requester_vpc_info: + type: dict + tags: + type: dict + status: + type: dict ''' try: @@ -353,9 +365,9 @@ def remove_peer_connection(client, module): else: pcx_id = pcx_id or peering_conn['VpcPeeringConnectionId'] - if peering_conn[0]['Status']['Code'] == 'deleted': + if peering_conn['Status']['Code'] == 'deleted': module.exit_json(msg='Connection in deleted state.', changed=False) - if peering_conn[0]['Status']['Code'] == 'rejected': + if peering_conn['Status']['Code'] == 'rejected': module.exit_json(msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', changed=False) try: From 91dd766b1b1c178f7f36b1df5d02d6f72e9822d2 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 16:22:10 +0200 Subject: [PATCH 11/12] Another syntax fix. More docs. Return peering_id in more cases to stay true to docs. --- plugins/modules/ec2_vpc_peer.py | 141 +++++++++++++++++++++++++++++--- 1 file changed, 131 insertions(+), 10 deletions(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 73cb66d26da..f37efa10177 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py 
@@ -226,17 +226,134 @@ returned: success type: complex contains: - vpc_peering_connection_id: - type: str - sample: pcx-034223d7c0aec3cde accepter_vpc_info: - type: dict + description: Information about the VPC which accepted the connection. + returned: success + type: complex + contains: + cidr_block: + description: The primary CIDR for the VPC. + returned: when connection is in the accepted state. + type: str + example: '10.10.10.0/23' + cidr_block_set: + description: A list of all CIDRs for the VPC. + returned: when connection is in the accepted state. + type: complex + contains: + cidr_block: + description: A CIDR block used by the VPC. + returned: success + type: str + example: '10.10.10.0/23' + owner_id: + description: The AWS account that owns the VPC. + returned: success + type: str + example: 012345678901 + peering_options: + description: Additional peering configuration. + returned: when connection is in the accepted state. + type: dict + contains: + allow_dns_resolution_from_remote_vpc: + description: Indicates whether a VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC. + returned: success + type: bool + allow_egress_from_local_classic_link_to_remote_vpc: + description: Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection. + returned: success + type: bool + allow_egress_from_local_vpc_to_remote_classic_link: + description: Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection. + returned: success + type: bool + region: + description: The AWS region that the VPC is in. + returned: success + type: str + example: us-east-1 + vpc_id: + description: The ID of the VPC + returned: success + type: str + example: vpc-0123456789abcdef0 requester_vpc_info: - type: dict - tags: - type: dict + description: Information about the VPC which requested the connection. 
+ returned: success + type: complex + contains: + cidr_block: + description: The primary CIDR for the VPC. + returned: when connection is not in the deleted state. + type: str + example: '10.10.10.0/23' + cidr_block_set: + description: A list of all CIDRs for the VPC. + returned: when connection is not in the deleted state. + type: complex + contains: + cidr_block: + description: A CIDR block used by the VPC + returned: success + type: str + example: '10.10.10.0/23' + owner_id: + description: The AWS account that owns the VPC. + returned: success + type: str + example: 012345678901 + peering_options: + description: Additional peering configuration. + returned: when connection is not in the deleted state. + type: dict + contains: + allow_dns_resolution_from_remote_vpc: + description: Indicates whether a VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC. + returned: success + type: bool + allow_egress_from_local_classic_link_to_remote_vpc: + description: Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection. + returned: success + type: bool + allow_egress_from_local_vpc_to_remote_classic_link: + description: Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection. + returned: success + type: bool + region: + description: The AWS region that the VPC is in. + returned: success + type: str + example: us-east-1 + vpc_id: + description: The ID of the VPC + returned: success + type: str + example: vpc-0123456789abcdef0 status: + description: Details of the current status of the connection. + returned: success + type: complex + contains: + code: + description: A short code describing the status of the connection. + returned: success + type: str + example: active + message: + description: Additional information about the status of the connection. 
+ returned: success + type: str + example: Pending Acceptance by 012345678901 + tags: + description: Tags applied to the connection. + returned: success type: dict + vpc_peering_connection_id: + description: The ID of the VPC peering connection. + returned: success + type: str + example: "pcx-0123456789abcdef0" ''' try: @@ -275,7 +392,7 @@ def tags_changed(pcx_id, client, module): tags = module.params.get('tags') peering_connection = get_peering_connection_by_id(pcx_id, client, module) if peering_connection['Tags']: - pcx_values = [t.values() for t in peering_connection['Tags'] + pcx_values = [t.values() for t in peering_connection['Tags']] pcx_tags = [item for sublist in pcx_values for item in sublist] tag_values = [[key, str(value)] for key, value in tags.items()] tags = [item for sublist in tag_values for item in sublist] @@ -366,9 +483,13 @@ def remove_peer_connection(client, module): pcx_id = pcx_id or peering_conn['VpcPeeringConnectionId'] if peering_conn['Status']['Code'] == 'deleted': - module.exit_json(msg='Connection in deleted state.', changed=False) + module.exit_json(msg='Connection in deleted state.', changed=False, peering_id=pcx_id) if peering_conn['Status']['Code'] == 'rejected': - module.exit_json(msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', changed=False) + module.exit_json( + msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', + changed=False, + peering_id=pcx_id + ) try: params = dict() From 1e766ef47a075606d84cdd390c63eb74bc76bac1 Mon Sep 17 00:00:00 2001 From: Stefan Horning Date: Fri, 9 Apr 2021 16:37:55 +0200 Subject: [PATCH 12/12] Fixed integration tests, whitespace --- plugins/modules/ec2_vpc_peer.py | 2 +- .../targets/ec2_vpc_peer/tasks/main.yml | 21 +++++-------------- 2 files changed, 6 insertions(+), 17 deletions(-) 
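Review bot: The nested return documentation added here uses `example:` on every field, while `peering_id` in the same RETURN block uses `sample:`. `sample` is the key Ansible's return documentation defines, so as far as I know these values will not be rendered. The `owner_id` examples are written as bare `012345678901` although the field is `type: str`; quoting them (`sample: '012345678901'`) avoids any YAML numeric interpretation of an account ID with a leading zero. Because `state: accept` acts on whatever `peering_id` it is given, the `requester_vpc_info.owner_id` description is also a good place to say that callers accepting cross-account requests should compare it with the expected account, for example via `ec2_vpc_peering_info` beforehand.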
diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index f37efa10177..29011094766 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -486,7 +486,7 @@ def remove_peer_connection(client, module): module.exit_json(msg='Connection in deleted state.', changed=False, peering_id=pcx_id) if peering_conn['Status']['Code'] == 'rejected': module.exit_json( - msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', + msg='Connection has been rejected. State cannot be changed and will be removed automatically by AWS', changed=False, peering_id=pcx_id ) diff --git a/tests/integration/targets/ec2_vpc_peer/tasks/main.yml b/tests/integration/targets/ec2_vpc_peer/tasks/main.yml index 499e83c7670..7668ef4d95e 100644 --- a/tests/integration/targets/ec2_vpc_peer/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_peer/tasks/main.yml @@ -103,22 +103,6 @@ - vpc_peer is successful - vpc_peer.peering_id == peer_id_1 - - name: Accespt local VPC peering connection from destination VPC - ec2_vpc_peer: - peering_id: '{{ vpc_peer.peering_id }}' - state: accept - tags: - Name: '{{ connection_name }}' - register: vpc_peer_accept - - - name: Assert success - assert: - tath: - - vpc_peer_accept is successful - - vpc_peer_accept is changed - - vpc_peer_accept.peering_id == vpc_peer.peering_id - - vpc_peer_accept.vpc_peering_connection.accepter_vpc_info.cidr_block == vpc_2_cidr - - name: Get details on specific VPC peer ec2_vpc_peering_info: peer_connection_ids: @@ -271,6 +255,8 @@ - action_peer is changed - action_peer is successful - action_peer.peering_id == peer_id_1 + - action_peer.vpc_peering_connection.accepter_vpc_info.cidr_block == vpc_2_cidr + - action_peer.vpc_peering_connection.vpc_peering_connection_id == peer_id_1 - name: Get details on specific VPC peer ec2_vpc_peering_info: 
@@ -340,6 +326,7 @@ - action_peer is not changed - action_peer is successful - action_peer.peering_id == peer_id_1 + - action_peer.vpc_peering_connection.vpc_peering_connection_id == peer_id_1 - name: delete a local VPC peering Connection ec2_vpc_peer: @@ -351,6 +338,7 @@ that: - delete_peer is changed - delete_peer is successful + - "'peering_id' in delete_peer" - name: Get details on specific VPC peer ec2_vpc_peering_info: @@ -456,6 +444,7 @@ - reject_peer is not changed - reject_peer is successful - reject_peer.peering_id == peer_id_2 + - reject_peer.vpc_peering_connection.vpc_peering_connection_id == peer_id_2 - name: delete a local VPC peering Connection ec2_vpc_peer: