Skip to content
This repository has been archived by the owner on Oct 30, 2018. It is now read-only.

Retrieve facts from Amazon Certificate Manager. #2718

Closed

Conversation

linuxdynasty
Copy link
Contributor

@linuxdynasty linuxdynasty commented Aug 14, 2016

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

acm_certificate_facts

ANSIBLE VERSION
ansible 2.1.1.0
SUMMARY

acm_certificate_facts will retrieve facts about a domain in Amazon Certificate Manager. This module depends on Pull Request 17039 in the Main Ansible Repository AWSRetry Decorator

# Retrieve certificate by domain name
- acm_certificate_facts:
    domain_name: *.foobar.com
  register: acm_cert

# Retrieve certificate by arn (Amazon Resource Identifier)
- acm_certificate_facts:
    arn: "arn:aws:acm:us-west-2:123456789:certificate/25b4ad8a-1e24-4001-bcd0-e82fb3554cd7" (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
  register: acm_cert

# Retrieve all Amazon certificates.
- acm_certificate_facts:
  register: acm_certs

Example output..

            {
                u'*.api.foo.com': {
                    u'status': u'ISSUED',
                    u'key_algorithm': u'RSA-2048',
                    u'domain_validation_options': [
                        {
                            u'validation_domain': u'foo.com',
                            u'domain_name': u'*.api.foo.com',
                            u'validation_emails': [
                                u'webmaster@foo.com', u'admin@foo.com', u'administrator@foo.com', u'hostmaster@foo.com', u'postmaster@foo.com'
                            ]
                        }
                    ],
                    u'not_after': '2017-07-03T05:00:00-07:00',
                    u'created_at': '2016-06-03T07:18:18-07:00',
                    u'domain_name': u'*.api.foo.com',
                    u'in_use_by': [],
                    u'signature_algorithm': u'SHA256WITHRSA',
                    u'issued_at': '2016-06-03T10:32:39-07:00',
                    u'certificate_arn': u'arn:aws:acm:us-west-2:123456789:certificate/25b4ad8a-1e24-4001-bcd0-e82fb3554cd7',
                    u'subject': u'CN=*.api.foo.com',
                    u'subject_alternative_names': [u'*.api.foo.com'],
                    u'not_before': '2016-06-02T17:00:00-07:00',
                    u'serial': u'07:4b:97:96:e5:87:e4:2e:0d:ac:34:aa:3d:45:74:6f',
                    u'issuer': u'Amazon'
                }
            }

This change is Reviewable

@gregdek
Copy link
Contributor

gregdek commented Aug 14, 2016

Thanks @linuxdynasty for this new module. When this module receives 'shipit' comments from two community members and any 'needs_revision' comments have been resolved, we will mark for inclusion.

[This message brought to you by your friendly Ansibull-bot.]

Examples below.

- acm_certificate_facts:
    domain_name: *.foobar.com
  register: acm_cert

- acm_certificate_facts:
    arn: "arn:aws:acm:us-west-2:123456789:certificate/25b4ad8a-1e24-4001-bcd0-e82fb3554cd7" (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
  register: acm_cert

- acm_certificate_facts:
  register: acm_certs
results = LIST_CERTIFICATES
except Exception as e:
success = False
err_msg = str(e)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer if you also surface the traceback here. Just pass traceback.format_exc(e) as the named param exception to fail_json.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like to keep all of exiting of code within the main function. This makes it cleaner when writing unit tests for modules. At least in my opinion.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can keep exiting code out of this part of the code, just surface the traceback to the main() caller so it can fail with the TB.

author: "Allen Sanabria (@linuxdynasty)"
requirements: [boto3, botocore]
options:
name:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

name is mentioned here, but examples and the rest of the code call it domain_name.

@ansibot
Copy link

ansibot commented Dec 6, 2016

This repository has been locked. All new issues and pull requests should be filed in https://github.com/ansible/ansible

Please read through the repomerge page in the dev guide. The guide contains links to tools which automatically move your issue or pull request to the ansible/ansible repo.

@Sodki
Copy link
Contributor

Sodki commented Jan 19, 2017

@linuxdynasty are you still interested in maintaining this? Can you please create a new PR in the right repository? If you're not interested, do you mind if I fork your code and do it myself?

@ansibot
Copy link

ansibot commented Apr 11, 2017

This repository has been locked. All new issues and pull requests should be filed in https://github.com/ansible/ansible

Please read through the repomerge page in the dev guide. The guide contains links to tools which automatically move your issue or pull request to the ansible/ansible repo.

@ansibot ansibot closed this Apr 11, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants