amazon.aws 3.5.1

Release Summary

3.5.1 is a security bugfix release.

Minor Changes

• ec2_instance - refacter tower_callback code to handle parameter validation as part of the argument specification (#1199).
• ec2_instance - the tower_callback parameter has been renamed to aap_callback, tower_callback remains as an alias. This change should have no observable effect for users outside the module documentation (#1199).

Security Fixes

• ec2_instance - fixes leak of password into logs when using tower_callback.windows=True and tower_callback.set_password (#1199).

amazon.aws 5.1.0

This release brings some minor changes, bugfixes, security fixes and deprecated features.

Minor Changes

amazon.aws collection - The aws_access_key parameter has been renamed to access_key, access_key was previously an alias for this parameter and aws_access_key remains as an alias. This change should have no observable effect for users outside the module/plugin documentation. (#1172).

amazon.aws collection - The aws_secret_key parameter has been renamed to secret_key, secret_key was previously an alias for this parameter and aws_secret_key remains as an alias. This change should have no observable effect for users outside the module/plugin documentation. (#1172).

amazon.aws collection - The security_token parameter has been renamed to session_token, security_token was previously an alias for this parameter and security_token remains as an alias. This change should have no observable effect for users outside the module/plugin documentation. (#1172).

aws_account_attribute lookup plugin - use missing_required_lib for more consistent error message when boto3/botocore is not available (#1152).

aws_ec2 inventory - minor linting fixes (#1181).

aws_ec2 inventory plugin - use missing_required_lib for more consistent error message when boto3/botocore is not available (#1152).

aws_rds inventory plugin - use missing_required_lib for more consistent error message when boto3/botocore is not available (#1152).

aws_secret lookup plugin - use missing_required_lib for more consistent error message when boto3/botocore is not available (#1152).

aws_ssm lookup plugin - use missing_required_lib for more consistent error message when boto3/botocore is not available (#1152).

ec2_instance - minor fix for launching an instance in specified AZ when vpc_subnet_id is not provided (#1150).

ec2_instance - refacter tower_callback code to handle parameter validation as part of the argument specification (#1199).

ec2_instance - the instance_role parameter has been renamed to iam_instance_profile to better reflect what it is, instance_role remains as an alias (#1151).

ec2_instance - the tower_callback parameter has been renamed to aap_callback, tower_callback remains as an alias. This change should have no observable effect for users outside the module documentation (#1199).

s3_object_info - minor linting fixes (#1181).

Deprecated Features

amazon.aws collection - Support for the EC2_ACCESS_KEY environment variable has been deprecated and will be removed in a release after 2024-12-01. Please use the access_key parameter or AWS_ACCESS_KEY_ID environment variable instead (#1172).

amazon.aws collection - Support for the EC2_REGION environment variable has been deprecated and will be removed in a release after 2024-12-01. Please use the region parameter or AWS_REGION environment variable instead (#1172).

amazon.aws collection - Support for the EC2_SECRET_KEY environment variable has been deprecated and will be removed in a release after 2024-12-01. Please use the secret_key parameter or AWS_SECRET_ACCESS_KEY environment variable instead (#1172).

amazon.aws collection - Support for the EC2_SECURITY_TOKEN environment variable has been deprecated and will be removed in a release after 2024-12-01. Please use the session_token parameter or AWS_SESSION_TOKEN environment variable instead (#1172).

amazon.aws collection - Support for the EC2_URL and S3_URL environment variables has been deprecated and will be removed in a release after 2024-12-01. Please use the endpoint_url parameter or AWS_ENDPOINT_URL environment variable instead (#1172).

amazon.aws collection - The access_token alias for the session_token parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the session_token name instead (#1172).

amazon.aws collection - The access_token alias for the session_token parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the session_token name instead (#1172).

amazon.aws collection - The aws_security_token alias for the session_token parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the session_token name instead (#1172).

amazon.aws collection - The ec2_access_key alias for the access_key parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the access_key name instead (#1172).

amazon.aws collection - The ec2_region alias for the region parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the region name instead (#1172).

amazon.aws collection - The ec2_secret_key alias for the secret_key parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the secret_key name instead (#1172).

amazon.aws collection - The security_token alias for the session_token parameter has been deprecated and will be removed in a release after 2024-12-01. Please use the session_token name instead (#1172).

ec2_security_group - support for passing nested lists to cidr_ip and cidr_ipv6 has been deprecated. Nested lists can be passed through the flatten filter instead cidr_ip: '{{ my_cidrs | flatten }}' (#1213).

module_utils.url - ansible_collections.amazon.aws.module_utils.urls is believed to be unused and has been deprecated and will be removed in release 7.0.0.

Security Fixes

ec2_instance - fixes leak of password into logs when using tower_callback.windows=True and tower_callback.set_password (#1199).

Bugfixes

ec2_instance - fixes Invalid type for parameter TagSpecifications, value None error when tags aren’t specified (#1148).

module_utils.transformations - ensure that map_complex_type still returns transformed items if items exists that are not in the type_map (#1163).

amazon.aws 5.0.2

Bugfixes

• ec2_metadata_facts - fixed AttributeError (#1134).

amazon.aws 5.0.1

Bugfixes

• ec2_vpc_net_info - fix KeyError (#1109).
• ec2_vpc_net_info - remove hardcoded ClassicLinkEnabled parameter when request for ClassicLinkDnsSupported failed (#1109).
• s3_object - be more defensive when checking the results of s3.get_bucket_ownership_controls (#1115).

amazon.aws 4.3.0

Release Summary

The amazon.aws 4.3.0 release includes a number of minor bug fixes and improvements.
Following the release of amazon.aws 5.0.0, backports to the 4.x series will be limited to
security issues and bugfixes.

Minor Changes

• ec2_instance - expanded the use of the automatic retries to InsuffienctInstanceCapacity (#1038).

Bugfixes

• ec2_metadata_facts - fix 'NoneType' object is not callable exception when using Ansible 2.13+ (#942).
• module_utils/cloud - Fix ValueError: ansible_collections.amazon.aws.plugins.module_utils.core.__spec__ is None error on Ansible 2.9 (#1083).

amazon.aws 3.5.0

Release Summary

Following the release of amazon.aws 5.0.0, 3.5.0 is a bugfix release and the final planned release for the 3.x series.

Minor Changes

• ec2_security_group - set type as list for rules->group_name as it can accept both str and list (#971).

Bugfixes

• ec2_metadata_facts - fix 'NoneType' object is not callable exception when using Ansible 2.13+ (#942).

amazon.aws 5.0.0

In this release we promoted many community modules to Red Hat supported status. Those modules have been moved from the community.aws to amazon.aws collection. This release also brings some new features, bugfixes, breaking changes and deprecated features.

The amazon.aws collection has dropped support for botocore<1.21.0 and boto3<1.18.0. Support for ansible-core<2.11 has also been dropped.

Major Changes

• autoscaling_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group.
• autoscaling_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group_info.
• cloudtrail - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudtrail.
• cloudwatch_metric_alarm - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatch_metric_alarm.
• cloudwatchevent_rule - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchevent_rule.
• cloudwatchlogs_log_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group.
• cloudwatchlogs_log_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_info.
• cloudwatchlogs_log_group_metric_filter - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_metric_filter.
• ec2_eip - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip.
• ec2_eip_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip_info.
• elb_application_lb - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb.
• elb_application_lb_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb_info.
• execute_lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.execute_lambda.
• iam_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy.
• iam_policy_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy_info.
• iam_user - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user.
• iam_user_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user_info.
• kms_key - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key.
• kms_key_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key_info.
• lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda.
• lambda_alias - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_alias.
• lambda_event - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_event.
• lambda_execute - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_execute.
• lambda_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_info.
• lambda_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_policy.
• rds_cluster - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster.
• rds_cluster_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_info.
• rds_cluster_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_snapshot.
• rds_instance - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance.
• rds_instance_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_info.
• rds_instance_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_snapshot.
• rds_option_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group.
• rds_option_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group_info.
• rds_param_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_param_group.
• rds_snapshot_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_snapshot_info.
• rds_subnet_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_subnet_group.
• route53 - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53.
• route53_health_check - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_health_check.
• route53_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_info.
• route53_zone - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_zone.

Minor Changes

• Ability to record and replay the API interaction of a module for testing purpose. Show case the feature with an example (#998).
• Remove the empty init.py file from the distribution, they were not required anymore (#1018).
• amazon.aws modules - the ec2_url parameter has been renamed to endpoint_url for consistency, ec2_url remains as an alias (#992).
• aws_caller_info - minor linting fixes (#968).
• aws_ec2 - introduce the allow_duplicated_hosts configuration key (#1026).
• cloudformation - avoid catching Exception, catch more specific errors instead (#968).
  ...

amazon.aws 4.2.0

Minor Changes

• ec2_security_group - set type as list for rules->group_name as it can accept both str and list (#971).
• various modules - linting fixups (#953).

Deprecated Features

• module_utils.cloud - removal of the CloudRetry.backoff has been delayed until release 6.0.0. It is recommended to update custom modules to use jittered_backoff or exponential_backoff instead (#951).

amazon.aws 4.1.0

Minor Changes

• ec2_instance - expanded the use of the automatic retries on temporary failures (#927).
• s3_bucket - updated module to enable support for setting S3 Bucket Keys for SSE-KMS (#882).

Deprecated Features

• amazon.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in a release after 2023-05-31 (#935).

Bugfixes

• aws_ec2 - ensure the correct number of hosts are returned when tags as hostnames are used (#862).
• elb_application_lb - fix KeyError when balancing across two Target Groups (ansible-collections/community.aws#1089).
• elb_classic_lb - fix 'NoneType' object has no attribute bug when creating a new ELB in check mode with a health check (#915).
• elb_classic_lb - fix 'NoneType' object has no attribute bug when creating a new ELB using security group names (#914).

amazon.aws 3.4.0

Minor Changes

• ec2_instance - expanded the use of the automatic retries on temporary failures (#927).

Bugfixes

• elb_application_lb - fix KeyError when balancing across two Target Groups (ansible-collections/community.aws#1089).
• elb_classic_lb - fix 'NoneType' object has no attribute bug when creating a new ELB in check mode with a health check (#915).
• elb_classic_lb - fix 'NoneType' object has no attribute bug when creating a new ELB using security group names (#914).