Retrieve facts from Amazon Certificate Manager.

[linuxdynasty]

ISSUE TYPE

• New Module Pull Request

COMPONENT NAME

acm_certificate_facts

ANSIBLE VERSION

ansible 2.1.1.0

SUMMARY

acm_certificate_facts will retrieve facts about a domain in Amazon Certificate Manager. This module depends on Pull Request 17039 in the Main Ansible Repository AWSRetry Decorator

# Retrieve certificate by domain name
- acm_certificate_facts:
    domain_name: *.foobar.com
  register: acm_cert

# Retrieve certificate by arn (Amazon Resource Identifier)
- acm_certificate_facts:
    arn: "arn:aws:acm:us-west-2:123456789:certificate/25b4ad8a-1e24-4001-bcd0-e82fb3554cd7" (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
  register: acm_cert

# Retrieve all Amazon certificates.
- acm_certificate_facts:
  register: acm_certs

Example output..

            {
                u'*.api.foo.com': {
                    u'status': u'ISSUED',
                    u'key_algorithm': u'RSA-2048',
                    u'domain_validation_options': [
                        {
                            u'validation_domain': u'foo.com',
                            u'domain_name': u'*.api.foo.com',
                            u'validation_emails': [
                                u'webmaster@foo.com', u'admin@foo.com', u'administrator@foo.com', u'hostmaster@foo.com', u'postmaster@foo.com'
                            ]
                        }
                    ],
                    u'not_after': '2017-07-03T05:00:00-07:00',
                    u'created_at': '2016-06-03T07:18:18-07:00',
                    u'domain_name': u'*.api.foo.com',
                    u'in_use_by': [],
                    u'signature_algorithm': u'SHA256WITHRSA',
                    u'issued_at': '2016-06-03T10:32:39-07:00',
                    u'certificate_arn': u'arn:aws:acm:us-west-2:123456789:certificate/25b4ad8a-1e24-4001-bcd0-e82fb3554cd7',
                    u'subject': u'CN=*.api.foo.com',
                    u'subject_alternative_names': [u'*.api.foo.com'],
                    u'not_before': '2016-06-02T17:00:00-07:00',
                    u'serial': u'07:4b:97:96:e5:87:e4:2e:0d:ac:34:aa:3d:45:74:6f',
                    u'issuer': u'Amazon'
                }
            }

---

This change is

[gregdek]

Thanks @linuxdynasty for this new module. When this module receives 'shipit' comments from two community members and any 'needs_revision' comments have been resolved, we will mark for inclusion.

[This message brought to you by your friendly Ansibull-bot.]

[ryansb]

I'd prefer if you also surface the traceback here. Just pass traceback.format_exc(e) as the named param exception to fail_json.

[linuxdynasty]

I like to keep all of exiting of code within the main function. This makes it cleaner when writing unit tests for modules. At least in my opinion.

[ryansb]

You can keep exiting code out of this part of the code, just surface the traceback to the main() caller so it can fail with the TB.

[Sodki]

name is mentioned here, but examples and the rest of the code call it domain_name.

[ansibot]

This repository has been locked. All new issues and pull requests should be filed in https://github.com/ansible/ansible

Please read through the repomerge page in the dev guide. The guide contains links to tools which automatically move your issue or pull request to the ansible/ansible repo.

[Sodki]

@linuxdynasty are you still interested in maintaining this? Can you please create a new PR in the right repository? If you're not interested, do you mind if I fork your code and do it myself?

[ansibot]

This repository has been locked. All new issues and pull requests should be filed in https://github.com/ansible/ansible

Please read through the repomerge page in the dev guide. The guide contains links to tools which automatically move your issue or pull request to the ansible/ansible repo.