summaryrefslogtreecommitdiffstats
path: root/ansible_collections/amazon/aws/plugins/modules
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/amazon/aws/plugins/modules')
-rw-r--r--ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py17
-rw-r--r--ansible_collections/amazon/aws/plugins/modules/iam_user_info.py19
-rw-r--r--ansible_collections/amazon/aws/plugins/modules/s3_object.py9
3 files changed, 40 insertions, 5 deletions
diff --git a/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py b/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
index 0cfe22e22..453d268d5 100644
--- a/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
+++ b/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
@@ -82,6 +82,18 @@ from ansible.module_utils.common.dict_transformations import camel_dict_to_snake
from ansible_collections.amazon.aws.plugins.module_utils.botocore import is_boto3_error_code
from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule
+from ansible_collections.amazon.aws.plugins.module_utils.retries import AWSRetry
+
+
+@AWSRetry.exponential_backoff()
+def list_tags_log_group_with_backoff(client, log_group_name):
+ return client.list_tags_log_group(logGroupName=log_group_name)
+
+
+@AWSRetry.exponential_backoff()
+def describe_log_groups_with_backoff(client, **kwargs):
+ paginator = client.get_paginator("describe_log_groups")
+ return paginator.paginate(**kwargs).build_full_result()
def describe_log_group(client, log_group_name, module):
@@ -89,15 +101,14 @@ def describe_log_group(client, log_group_name, module):
if log_group_name:
params["logGroupNamePrefix"] = log_group_name
try:
- paginator = client.get_paginator("describe_log_groups")
- desc_log_group = paginator.paginate(**params).build_full_result()
+ desc_log_group = describe_log_groups_with_backoff(client, **params)
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
module.fail_json_aws(e, msg=f"Unable to describe log group {log_group_name}")
for log_group in desc_log_group["logGroups"]:
log_group_name = log_group["logGroupName"]
try:
- tags = client.list_tags_log_group(logGroupName=log_group_name)
+ tags = list_tags_log_group_with_backoff(client, log_group_name)
except is_boto3_error_code("AccessDeniedException"):
tags = {}
module.warn(f"Permission denied listing tags for log group {log_group_name}")
diff --git a/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py b/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
index 259d26803..2ddbe1d5a 100644
--- a/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
+++ b/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
@@ -103,14 +103,27 @@ iam_users:
type: dict
returned: if user exists
sample: '{"Env": "Prod"}'
+ login_profile:
+ description: Detailed login profile information if the user has access to log in from AWS default console. Returns an empty object {} if no access.
+ returned: always
+ type: dict
+ sample: {"create_date": "2024-03-20T12:50:56+00:00", "password_reset_required": false, "user_name": "i_am_a_user"}
"""
from ansible_collections.amazon.aws.plugins.module_utils.iam import AnsibleIAMError
+from ansible_collections.amazon.aws.plugins.module_utils.iam import IAMErrorHandler
from ansible_collections.amazon.aws.plugins.module_utils.iam import get_iam_group
from ansible_collections.amazon.aws.plugins.module_utils.iam import get_iam_user
from ansible_collections.amazon.aws.plugins.module_utils.iam import list_iam_users
from ansible_collections.amazon.aws.plugins.module_utils.iam import normalize_iam_user
from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule
+from ansible_collections.amazon.aws.plugins.module_utils.retries import AWSRetry
+
+
+@IAMErrorHandler.list_error_handler("get login profile", {})
+@AWSRetry.jittered_backoff()
+def check_console_access(connection, user_name):
+ return connection.get_login_profile(UserName=user_name)["LoginProfile"]
def _list_users(connection, name, group, path):
@@ -136,6 +149,8 @@ def _list_users(connection, name, group, path):
def list_users(connection, name, group, path):
users = _list_users(connection, name, group, path)
users = [u for u in users if u is not None]
+ for user in users:
+ user["LoginProfile"] = check_console_access(connection, user["UserName"])
return [normalize_iam_user(user) for user in users]
@@ -147,7 +162,9 @@ def main():
)
module = AnsibleAWSModule(
- argument_spec=argument_spec, mutually_exclusive=[["group", "path_prefix"]], supports_check_mode=True
+ argument_spec=argument_spec,
+ mutually_exclusive=[["group", "path_prefix"]],
+ supports_check_mode=True,
)
name = module.params.get("name")
diff --git a/ansible_collections/amazon/aws/plugins/modules/s3_object.py b/ansible_collections/amazon/aws/plugins/modules/s3_object.py
index 2c4ebe9c3..2cd897c89 100644
--- a/ansible_collections/amazon/aws/plugins/modules/s3_object.py
+++ b/ansible_collections/amazon/aws/plugins/modules/s3_object.py
@@ -315,7 +315,9 @@ EXAMPLES = r"""
object: /my/desired/key.txt
src: /usr/local/myfile.txt
mode: put
- metadata: 'Content-Encoding=gzip,Cache-Control=no-cache'
+ metadata:
+ Content-Encoding: gzip
+ Cache-Control: no-cache
- name: PUT/upload with custom headers
amazon.aws.s3_object:
@@ -1314,6 +1316,11 @@ def copy_object_to_bucket(module, s3, bucket, obj, encrypt, metadata, validate,
metadata,
)
)
+ if metadata:
+ # 'MetadataDirective' Specifies whether the metadata is copied from the source object or replaced
+ # with metadata that's provided in the request. The default value is 'COPY', therefore when user
+ # specifies a metadata we should set it to 'REPLACE'
+ params.update({"MetadataDirective": "REPLACE"})
s3.copy_object(aws_retry=True, **params)
put_object_acl(module, s3, bucket, obj)
# Tags