ec2_vol does not suport us-gov-east-1 region due to legacy boto

[aghassemlouei]

SUMMARY

The ansible ec2_vol module does not have support for us-gov-east-1 due to the version of boto that it leverages. The version of boto in use by aws and yum are not boto3 which causes the module to fail.

ISSUE TYPE

• Bug Report

COMPONENT NAME

ec2_vol

ANSIBLE VERSION

ansible --version
ansible 2.9.2
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, Jun 11 2019, 12:19:05) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

CONFIGURATION

HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False

OS / ENVIRONMENT

• Red Hat Enterprise Linux 7.6
• AWS GovCloud East (us-gov-east-1)
• Boto version 2.45.0-3.el7
• AWS CLI version 1.17.9

aws-cli/1.17.9 Python/2.7.5 Linux/3.10.0-957.27.2.el7.x86_64 botocore/1.14.9

STEPS TO REPRODUCE

Attempt to create and attach volumes within the AWS GovCloud East (us-gov-east-1) region:

- name: Create, tag, and attach additional volumes on AWS
  local_action:
    module: ec2_vol
    volume_type: "{{ item.value.type | default('gp2') }}"
    kms_key_id: "{{ item.value.disk_encryption_key | default(disk_encryption_key_default) }}"
    region: '{{ ansible_ec2_placement_region }}'
    instance: '{{ ansible_ec2_instance_id }}'
    volume_size: '{{ item.value.size }}'
    device_name: '{{ device_name_aws }}'
    encrypted: "{{ disk_encryption | bool | default('no')}}"
    tags:
      Name: "{{ volume_name_randomization_string }}_{{ item.key }}"
      MountPoint: "{{ item.value.mount_point }}"
      Hostname: "{{ ansible_hostname }}"
      Instance: "{{ ansible_ec2_instance_id }}"
  when: disk_create | bool and ansible_ec2_instance_id is defined and azure_resource_group is not defined

EXPECTED RESULTS

Volume should be created using the module within the us-gov-east-1 region.

ACTUAL RESULTS

WARNING: The below traceback may *not* be related to the actual failure.
  File "/tmp/ansible_ec2_vol_payload_9CIheQ/ansible_ec2_vol_payload.zip/ansible/modules/cloud/amazon/ec2_vol.py", line 542, in main
  File "/tmp/ansible_ec2_vol_payload_9CIheQ/ansible_ec2_vol_payload.zip/ansible/module_utils/ec2.py", line 340, in connect_to_aws
    "boto or extend with endpoints_path" % (region, aws_module.__name__))
 
fatal: [test -> localhost]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "aws_access_key": null,
            "aws_secret_key": null,
            "debug_botocore_endpoint_logs": false,
            "delete_on_termination": false,
            "device_name": "/dev/sdb",
            "ec2_url": "https://ec2.us-gov-east-1.amazonaws.com",
            "encrypted": true,
            "id": null,
            "instance": "i-12345678",
            "iops": null,
            "kms_key_id": "1234-1234-1234-1234-12345678",
            "name": null,
            "profile": null,
            "region": "us-gov-east-1",
            "security_token": null,
            "snapshot": null,
            "state": "present",
            "tags": {
                "Hostname": "test",
                "Instance": "i-123456",
                "MountPoint": "/usr/sap",
                "Name": "c651dc4ed49855369b6d10afe10d77e1_usr_sap"
            },
            "validate_certs": true,
            "volume_size": "50",
            "volume_type": "gp2",
            "zone": null
        }
    },
    "msg": "Region us-gov-east-1 does not seem to be available for aws module boto.ec2. If the region definitely exists, you may need to upgrade boto or extend with endpoints_path"
}

[ansibot]

Files identified in the description:

• lib/ansible/modules/cloud/amazon/ec2_vol.py

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibot]

cc @jillr @lwade @s-hertel @tremble
click here for bot help

[ansibot]

@aghassemlouei, just so you are aware we have a dedicated Working Group for aws.
You can find other people interested in this in #ansible-aws on Freenode IRC
For more information about communities, meetings and agendas see https://github.com/ansible/community

click here for bot help

[jillr]

A boto3 port of ec2_vol was previously started, it's been some time but #45500 might still be a good source of inspiration.

[aghassemlouei]

@jillr nice find! I'll see if I can find anyone willing to dig into that git issue as I don't have the technical knowledge to address the issue.

[aghassemlouei]

Opened an AWS support ticket but no luck on that end. Any assistance from anyone would be greatly appreciated!

[ansibot]

Thank you very much for your interest in Ansible. Ansible has migrated much of the content into separate repositories to allow for more rapid, independent development. We are closing this issue/PR because this content has been moved to one or more collection repositories.

• lib/ansible/modules/cloud/amazon/ec2_vol.py -> https://galaxy.ansible.com/amazon/aws

For further information, please see:
https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md