-
Notifications
You must be signed in to change notification settings - Fork 328
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor ARN validation code #1619
Merged
softwarefactory-project-zuul
merged 3 commits into
ansible-collections:main
from
tremble:module_utils/arn/test_arn
Jun 23, 2023
Merged
Refactor ARN validation code #1619
softwarefactory-project-zuul
merged 3 commits into
ansible-collections:main
from
tremble:module_utils/arn/test_arn
Jun 23, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9d70075
to
285c9f1
Compare
285c9f1
to
317b0a1
Compare
recheck |
alinabuzachis
approved these changes
Jun 22, 2023
344dbd1
into
ansible-collections:main
73 checks passed
Backport to stable-6: 💚 backport PR created✅ Backport PR branch: Backported as #1622 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Jun 23, 2023
Refactor ARN validation code SUMMARY Adds resource_id and resource_type to parse_aws_arn() return value. Adds validate_aws_arn() to handle common pattern matching for ARNs. ISSUE TYPE Feature Pull Request COMPONENT NAME ec2_instance iam_user ADDITIONAL INFORMATION Related to ansible-collections/community.aws#1846 - We've been doing things like assuming the aws partition. Reviewed-by: Alina Buzachis (cherry picked from commit 344dbd1)
softwarefactory-project-zuul bot
pushed a commit
to ansible-collections/community.aws
that referenced
this pull request
Jun 26, 2023
Various ARN handling fixes Depends-On: ansible-collections/amazon.aws#1619 SUMMARY fixes: #1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis
tremble
pushed a commit
that referenced
this pull request
Jun 27, 2023
SUMMARY Adds resource_id and resource_type to parse_aws_arn() return value. Adds validate_aws_arn() to handle common pattern matching for ARNs. ISSUE TYPE Feature Pull Request COMPONENT NAME ec2_instance iam_user ADDITIONAL INFORMATION Related to ansible-collections/community.aws#1846 - We've been doing things like assuming the aws partition. Reviewed-by: Alina Buzachis (cherry picked from commit 344dbd1)
patchback bot
pushed a commit
to ansible-collections/community.aws
that referenced
this pull request
Jun 27, 2023
Various ARN handling fixes Depends-On: ansible-collections/amazon.aws#1619 SUMMARY fixes: #1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis (cherry picked from commit 25a636c)
softwarefactory-project-zuul bot
pushed a commit
to ansible-collections/community.aws
that referenced
this pull request
Jun 27, 2023
[PR #1848/25a636ce backport][stable-6] Various ARN handling fixes This is a backport of PR #1848 as merged into main (25a636c). Depends-On: ansible-collections/amazon.aws#1619 SUMMARY fixes: #1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Mark Chappell
mandar242
pushed a commit
to mandar242/amazon.aws
that referenced
this pull request
Sep 13, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
mandar242
pushed a commit
to mandar242/amazon.aws
that referenced
this pull request
Sep 13, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Sep 18, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Sep 18, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Sep 20, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 6, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 6, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 6, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Oct 6, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Oct 20, 2023
Various ARN handling fixes Depends-On: ansible-collections#1619 SUMMARY fixes: ansible-collections#1846 Various modules had hard-coded ARN handling which assumed the use of the main partition. This causes problems for folks using Gov Cloud (and aws-cn) ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/modules/batch_compute_environment.py plugins/modules/ec2_launch_template.py plugins/modules/elasticache_info.py plugins/modules/iam_group.py plugins/modules/iam_role.py plugins/modules/msk_config.py plugins/modules/redshift.py plugins/modules/sns_topic.py ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@25a636c
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Oct 24, 2023
…nsible-collections#1619) aws_ssm: ability to customize s3 endpoint for vpc interface endpoint Depends-On: ansible/ansible-zuul-jobs#1743 SUMMARY Add a new variable for setting the s3 endpoint url ISSUE TYPE Feature Pull Request COMPONENT NAME connection aws_ssm.py ADDITIONAL INFORMATION If you try to running SSM commands on EC2 instances in private networks only with vpc interface endpoints. You are not able to access S3 service because the generated URL is wrong. For now this plugin only works for s3 vpc gateway endpoints. Not for s3 vpc interface endpoints. To simply fix this. We need the possibility to set the interface endpoint url. So I added a new parameter to the connection plugin. How to test - name: test ssm on an EC2 instance hosts: router vars: ansible_python_interpreter: /usr/bin/python3 ansible_connection: aws_ssm ansible_aws_ssm_region: 'eu-west-1' ansible_aws_ssm_bucket_name: testbucket ansible_aws_ssm_bucket_endpoint_url: "https://vpce-00000000000000-10ygvtbr.s3.eu-west-1.vpce.amazonaws.com" tasks: - name: list files in opt folder shell: echo "running on $(curl -s http://169.254.169.254/latest/meta-data/instance-id)" Output before change XEC curl 'https://testbucket.s3.amazonaws.com/i-0b5e11951ab6b12cd//home/ssm-user/.ansible/tmp/ansible-tmp-1610187779.9946203-6452-52757228453165/AnsiballZ_setup.py?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAZEY6F5MCGGCDZQGI%2F20210109%2F**eu-central-1**%2Fs3%2Faws4_request&X-Amz-Date=20210109T102300Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEKr%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGV1LWNlbnRyYWwtMSJIMEYCIQDRoCbT6dS9geijC00Xhr4nKdDrfKSE0ULsEXNgjM3vUwIhAMoAiDJJSGehMKvcmUlZDHc17WcV3Wnw4lsCED4MH%2BkMKroDCHMQABoMNjI4NzM5MTQwMzU2IgylHaq9VXBqdPex8fsqlwMzbTC5nczwsbUzXkpdw1MWndywQnjxp%2BnZoYcHMba6TGM57osVwt6hQoYxKA04co63FOr%2FtvhmmLGdphxeEGBPRjyTCNB%2Bdtr%2BwfKmjyls7WmBQF4jRMm2xPMUSd3EBnitCOpRvHPtp4xsuIX59QKCZmUNKBYIn2USx18mcSrWpI1emQGkmgewn9EOxUT168X9unNnvmUerokKgD5f1dZvpnIEmUyPYhYFCkJAdmLa5E5CIWe4UFfULLwDwTqYe6akqSAhBUeMrzWvebp7oXkER%2BymsmdGdAl4nFKNDtJ5suSkcGooliKsFhrHKEb1gN4UH%2FldPSFZqCEOayiWByk6SK7yEkhqI7wbc5Ufwv68AimpRddA5dU95kXUL3tgBYq5QcSeXStdd%2B6nQ3vRDBJx%2BETvR2dGOeZv%2Bu6p1iLaT5wnMgMcSnPQWCTja%2Bnf7Lp%2Bkmd4pR9yfTYaPa%2FVdblsVAXtfDURQ7wHwV6DJJavt26oUXNOOjEXg4FDraLzGSNWGFjMkbxLSBFNEyKBB9g3Hk8hV4YOwjC4%2BeX%2FBTrqAfEXoF92NloBKePOvKXzFcp8YT8yC0p35rXYqa0GA5d9ZNaGewFw6ks9VMUTSht3SZ2ns2qCYF6p73ISe88pgrUWGwFaxZnbNxP1dvfpNH3X9zQ9oVyjKfD9dwPfnOYpx6j48dZZhdgZ6n2H13h3Ckf7hmebHo7po%2BWrXkc8K1Bo07YSFyFMffieXBk0NvrBPGNGtKTEJ3m%2FfF4vkM4lnEN2xWaS0umgwMQrCqfhKD3Gpf%2BdglVJ2oBRHb3ho7dfie48ohpAd%2B6j752PjR2SuaA3Gokns8scHLBB7dvkGlmqb3vrX8TYsc7CZg%3D%3D&X-Amz-Signature=a992947e6682f66239d42c08a6b8ba2da136a572bc15a2184763846fd5a39504' -o '/home/ssm-user/.ansible/tmp/ansible-tmp-1610187779.9946203-6452-52757228453165/AnsiballZ_setup.py' Output after change XEC curl 'https://testbucket.vpce-00000000000000-10ygvtbr.s3.eu-west-1.vpce.amazonaws.com/i-0b5e11951ab6b12cd//home/ssm-user/.ansible/tmp/ansible-tmp-1610187779.9946203-6452-52757228453165/AnsiballZ_setup.py?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAZEY6F5MCGGCDZQGI%2F20210109%2F**eu-central-1**%2Fs3%2Faws4_request&X-Amz-Date=20210109T102300Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEKr%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGV1LWNlbnRyYWwtMSJIMEYCIQDRoCbT6dS9geijC00Xhr4nKdDrfKSE0ULsEXNgjM3vUwIhAMoAiDJJSGehMKvcmUlZDHc17WcV3Wnw4lsCED4MH%2BkMKroDCHMQABoMNjI4NzM5MTQwMzU2IgylHaq9VXBqdPex8fsqlwMzbTC5nczwsbUzXkpdw1MWndywQnjxp%2BnZoYcHMba6TGM57osVwt6hQoYxKA04co63FOr%2FtvhmmLGdphxeEGBPRjyTCNB%2Bdtr%2BwfKmjyls7WmBQF4jRMm2xPMUSd3EBnitCOpRvHPtp4xsuIX59QKCZmUNKBYIn2USx18mcSrWpI1emQGkmgewn9EOxUT168X9unNnvmUerokKgD5f1dZvpnIEmUyPYhYFCkJAdmLa5E5CIWe4UFfULLwDwTqYe6akqSAhBUeMrzWvebp7oXkER%2BymsmdGdAl4nFKNDtJ5suSkcGooliKsFhrHKEb1gN4UH%2FldPSFZqCEOayiWByk6SK7yEkhqI7wbc5Ufwv68AimpRddA5dU95kXUL3tgBYq5QcSeXStdd%2B6nQ3vRDBJx%2BETvR2dGOeZv%2Bu6p1iLaT5wnMgMcSnPQWCTja%2Bnf7Lp%2Bkmd4pR9yfTYaPa%2FVdblsVAXtfDURQ7wHwV6DJJavt26oUXNOOjEXg4FDraLzGSNWGFjMkbxLSBFNEyKBB9g3Hk8hV4YOwjC4%2BeX%2FBTrqAfEXoF92NloBKePOvKXzFcp8YT8yC0p35rXYqa0GA5d9ZNaGewFw6ks9VMUTSht3SZ2ns2qCYF6p73ISe88pgrUWGwFaxZnbNxP1dvfpNH3X9zQ9oVyjKfD9dwPfnOYpx6j48dZZhdgZ6n2H13h3Ckf7hmebHo7po%2BWrXkc8K1Bo07YSFyFMffieXBk0NvrBPGNGtKTEJ3m%2FfF4vkM4lnEN2xWaS0umgwMQrCqfhKD3Gpf%2BdglVJ2oBRHb3ho7dfie48ohpAd%2B6j752PjR2SuaA3Gokns8scHLBB7dvkGlmqb3vrX8TYsc7CZg%3D%3D&X-Amz-Signature=a992947e6682f66239d42c08a6b8ba2da136a572bc15a2184763846fd5a39504' -o '/home/ssm-user/.ansible/tmp/ansible-tmp-1610187779.9946203-6452-52757228453165/AnsiballZ_setup.py' Reviewed-by: Markus Bergholz <git@osuv.de> Reviewed-by: Mark Chappell <None>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
resource_id
andresource_type
toparse_aws_arn()
return value.validate_aws_arn()
to handle common pattern matching for ARNs.ISSUE TYPE
COMPONENT NAME
ec2_instance
iam_user
ADDITIONAL INFORMATION
Related to ansible-collections/community.aws#1846 - We've been doing things like assuming the
aws
partition.