elb_application_lb_info - Add parameters to skip fetching some data (#…

…1778) elb_application_lb_info - Add parameters to skip fetching some data Add include_attributes, include_listeners and include_listener_rules. SUMMARY Related to #1767. This PR adds parameters to the module which disable fetching certain data. They all default to true for backwards compatibility. In my tests disabling all 3 speeds it up by around 10x when fetching a lot (100+) ALBs. ISSUE TYPE Feature Pull Request COMPONENT NAME elb_application_lb_info ADDITIONAL INFORMATION Please let me know if the coupling of include_listeners and include_listener_rules isn't desired. I can add checks to require include_listeners be true if include_listener_rules as an alternative (or something else?). Reviewed-by: Mark Chappell
ansible-collections · Sep 29, 2023 · a48f4c2 · a48f4c2
1 parent ce98cd6
commit a48f4c2
Show file tree

Hide file tree

Showing 3 changed files with 158 additions and 5 deletions.
diff --git a/changelogs/fragments/1778-elb_application_lb_info-fetch-subsets.yml b/changelogs/fragments/1778-elb_application_lb_info-fetch-subsets.yml
@@ -0,0 +1,2 @@
+minor_changes:
+  - "elb_application_lb_info - add new parameters ``include_attributes``, ``include_listeners`` and  ``include_listener_rules`` to optionally speed up module by fetching less information (https://github.com/ansible-collections/amazon.aws/pull/1778)."
diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py
@@ -27,6 +27,28 @@
     required: false
     type: list
     elements: str
+  include_attributes:
+    description:
+      - Whether or not to include load balancer attributes in the response.
+    required: false
+    type: bool
+    default: true
+    version_added: 7.0.0
+  include_listeners:
+    description:
+      - Whether or not to include load balancer listeners in the response.
+    required: false
+    type: bool
+    default: true
+    version_added: 7.0.0
+  include_listener_rules:
+    description:
+      - Whether or not to include load balancer listener rules in the response.
+      - Implies I(include_listeners=true)
+    required: false
+    type: bool
+    default: true
+    version_added: 7.0.0
 
 extends_documentation_fragment:
   - amazon.aws.common.modules
@@ -40,6 +62,13 @@
 - name: Gather information about all ALBs
   amazon.aws.elb_application_lb_info:
 
+# Equivalent to aws elbv2 describe-load-balancers
+- name: Gather minimal information about all ALBs
+  amazon.aws.elb_application_lb_info:
+    include_attributes: false
+    include_listeners: false
+    include_listener_rules: false
+
 - name: Gather information about a particular ALB given its ARN
   amazon.aws.elb_application_lb_info:
     load_balancer_arns:
@@ -68,14 +97,17 @@
     contains:
         access_logs_s3_bucket:
             description: The name of the S3 bucket for the access logs.
+            returned: when include_attributes is true
             type: str
             sample: "mys3bucket"
         access_logs_s3_enabled:
             description: Indicates whether access logs stored in Amazon S3 are enabled.
+            returned: when include_attributes is true
             type: bool
             sample: true
         access_logs_s3_prefix:
             description: The prefix for the location in the S3 bucket.
+            returned: when include_attributes is true
             type: str
             sample: "my/logs"
         availability_zones:
@@ -92,6 +124,7 @@
             sample: "2015-02-12T02:14:02+00:00"
         deletion_protection_enabled:
             description: Indicates whether deletion protection is enabled.
+            returned: when include_attributes is true
             type: bool
             sample: true
         dns_name:
@@ -100,6 +133,7 @@
             sample: "internal-my-alb-123456789.ap-southeast-2.elb.amazonaws.com"
         idle_timeout_timeout_seconds:
             description: The idle timeout value, in seconds.
+            returned: when include_attributes is true
             type: int
             sample: 60
         ip_address_type:
@@ -108,6 +142,7 @@
             sample: "ipv4"
         listeners:
             description: Information about the listeners.
+            returned: when include_listeners or include_listener_rules is true
             type: complex
             contains:
                 listener_arn:
@@ -126,6 +161,11 @@
                     description: The protocol for connections from clients to the load balancer.
                     type: str
                     sample: "HTTPS"
+                rules:
+                    description: List of listener rules.
+                    returned: when include_listener_rules is true
+                    type: list
+                    sample: ""
                 certificates:
                     description: The SSL server certificate.
                     type: complex
@@ -158,24 +198,34 @@
             description: The name of the load balancer.
             type: str
             sample: "my-alb"
+        load_balancing_cross_zone_enabled:
+            description: Indicates whether or not cross-zone load balancing is enabled.
+            returned: when include_attributes is true
+            type: bool
+            sample: true
         routing_http2_enabled:
             description: Indicates whether HTTP/2 is enabled.
+            returned: when include_attributes is true
             type: bool
             sample: true
         routing_http_desync_mitigation_mode:
             description: Determines how the load balancer handles requests that might pose a security risk to an application.
+            returned: when include_attributes is true
             type: str
             sample: "defensive"
         routing_http_drop_invalid_header_fields_enabled:
             description: Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false).
+            returned: when include_attributes is true
             type: bool
             sample: false
         routing_http_x_amzn_tls_version_and_cipher_suite_enabled:
             description: Indicates whether the two headers are added to the client request before sending it to the target.
+            returned: when include_attributes is true
             type: bool
             sample: false
         routing_http_xff_client_port_enabled:
             description: Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer.
+            returned: when include_attributes is true
             type: bool
             sample: false
         scheme:
@@ -207,6 +257,7 @@
         waf_fail_open_enabled:
             description: Indicates whether to allow a AWS WAF-enabled load balancer to route requests to targets
                 if it is unable to forward the request to AWS WAF.
+            returned: when include_attributes is true
             type: bool
             sample: false
 """
@@ -282,6 +333,9 @@ def get_load_balancer_tags(connection, module, load_balancer_arn):
 def list_load_balancers(connection, module):
     load_balancer_arns = module.params.get("load_balancer_arns")
     names = module.params.get("names")
+    include_attributes = module.params.get("include_attributes")
+    include_listeners = module.params.get("include_listeners")
+    include_listener_rules = module.params.get("include_listener_rules")
 
     try:
         if not load_balancer_arns and not names:
@@ -300,14 +354,17 @@ def list_load_balancers(connection, module):
 
     for load_balancer in load_balancers["LoadBalancers"]:
         # Get the attributes for each alb
-        load_balancer.update(get_load_balancer_attributes(connection, module, load_balancer["LoadBalancerArn"]))
+        if include_attributes:
+            load_balancer.update(get_load_balancer_attributes(connection, module, load_balancer["LoadBalancerArn"]))
 
         # Get the listeners for each alb
-        load_balancer["listeners"] = get_alb_listeners(connection, module, load_balancer["LoadBalancerArn"])
+        if include_listeners or include_listener_rules:
+            load_balancer["listeners"] = get_alb_listeners(connection, module, load_balancer["LoadBalancerArn"])
 
         # For each listener, get listener rules
-        for listener in load_balancer["listeners"]:
-            listener["rules"] = get_listener_rules(connection, module, listener["ListenerArn"])
+        if include_listener_rules:
+            for listener in load_balancer["listeners"]:
+                listener["rules"] = get_listener_rules(connection, module, listener["ListenerArn"])
 
     # Turn the boto3 result in to ansible_friendly_snaked_names
     snaked_load_balancers = [
@@ -324,7 +381,13 @@ def list_load_balancers(connection, module):
 
 
 def main():
-    argument_spec = dict(load_balancer_arns=dict(type="list", elements="str"), names=dict(type="list", elements="str"))
+    argument_spec = dict(
+        load_balancer_arns=dict(type="list", elements="str"),
+        names=dict(type="list", elements="str"),
+        include_attributes=dict(default=True, type="bool"),
+        include_listeners=dict(default=True, type="bool"),
+        include_listener_rules=dict(default=True, type="bool"),
+    )
 
     module = AnsibleAWSModule(
         argument_spec=argument_spec,

diff --git a/tests/integration/targets/elb_application_lb/tasks/main.yml b/tests/integration/targets/elb_application_lb/tasks/main.yml
@@ -1395,6 +1395,94 @@
       that:
       - alb_info.load_balancers[0].security_groups[0] == sec_group2.group_id
 
+  - name: Get ALB application info without skipping anything
+    elb_application_lb_info:
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('access_logs_s3_bucket', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_prefix', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('deletion_protection_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('idle_timeout_timeout_seconds', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('load_balancing_cross_zone_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('routing_http2_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('routing_http_desync_mitigation_mode', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('routing_http_drop_invalid_header_fields_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('routing_http_x_amzn_tls_version_and_cipher_suite_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('routing_http_xff_client_port_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('waf_fail_open_enabled', 'defined') | length > 0
+      - alb_info.load_balancers | selectattr('listeners', 'defined') | length > 0
+      - alb_info.load_balancers | map(attribute='listeners') | flatten | selectattr('rules', 'defined') | length > 0
+
+  - name: Get ALB application info excluding attributes
+    elb_application_lb_info:
+      include_attributes: false
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('access_logs_s3_bucket', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_prefix', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('deletion_protection_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('idle_timeout_timeout_seconds', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('load_balancing_cross_zone_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http2_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_desync_mitigation_mode', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_drop_invalid_header_fields_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_x_amzn_tls_version_and_cipher_suite_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_xff_client_port_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('waf_fail_open_enabled', 'defined') | length == 0
+
+  - name: Get ALB application info without listeners, but with rules
+    elb_application_lb_info:
+      include_listeners: false
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('listeners', 'defined') | length > 0
+      - alb_info.load_balancers[0].listeners | length > 0
+
+  - name: Get ALB application info without listeners or rules
+    elb_application_lb_info:
+      include_listeners: false
+      include_listener_rules: false
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('listeners', 'defined') | length == 0
+
+  - name: Get ALB application info without listener rules
+    elb_application_lb_info:
+      include_listener_rules: false
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('listeners', 'defined') | length > 0
+      - alb_info.load_balancers | map(attribute='listeners') | flatten | selectattr('rules', 'defined') | length == 0
+
+  - name: Get ALB application minimal info
+    elb_application_lb_info:
+      include_attributes: false
+      include_listeners: false
+      include_listener_rules: false
+    register: alb_info
+  - assert:
+      that:
+      - alb_info.load_balancers | selectattr('access_logs_s3_bucket', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('access_logs_s3_prefix', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('deletion_protection_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('idle_timeout_timeout_seconds', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('load_balancing_cross_zone_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http2_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_desync_mitigation_mode', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_drop_invalid_header_fields_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_x_amzn_tls_version_and_cipher_suite_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('routing_http_xff_client_port_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('waf_fail_open_enabled', 'defined') | length == 0
+      - alb_info.load_balancers | selectattr('listeners', 'defined') | length == 0
+
     # ------------------------------------------------------------------------------------------
 
   - name: Delete an ALB - check_mode