From e3eb94c23206603103f3c4faec6c227f59a1544c Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Fri, 26 Apr 2024 06:06:02 +0200
Subject: Merging upstream version 9.5.1+dfsg.
Signed-off-by: Daniel Baumann
---
 .../plugins/modules/cloudwatchlogs_log_group_info.py | 17 ++++++++++++++---
 .../amazon/aws/plugins/modules/iam_user_info.py | 19 ++++++++++++++++++-
 .../amazon/aws/plugins/modules/s3_object.py | 9 ++++++++-
 3 files changed, 40 insertions(+), 5 deletions(-)
(limited to 'ansible_collections/amazon/aws/plugins/modules')
diff --git a/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py b/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
index 0cfe22e22..453d268d5 100644
--- a/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
+++ b/ansible_collections/amazon/aws/plugins/modules/cloudwatchlogs_log_group_info.py
@@ -82,6 +82,18 @@ from ansible.module_utils.common.dict_transformations import camel_dict_to_snake

 from ansible_collections.amazon.aws.plugins.module_utils.botocore import is_boto3_error_code
 from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule
+from ansible_collections.amazon.aws.plugins.module_utils.retries import AWSRetry
+
+
+@AWSRetry.exponential_backoff()
+def list_tags_log_group_with_backoff(client, log_group_name):
+ return client.list_tags_log_group(logGroupName=log_group_name)
+
+
+@AWSRetry.exponential_backoff()
+def describe_log_groups_with_backoff(client, **kwargs):
+ paginator = client.get_paginator("describe_log_groups")
+ return paginator.paginate(**kwargs).build_full_result()


 def describe_log_group(client, log_group_name, module):
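Review bot: `describe_log_groups_with_backoff` puts the whole `paginate(**kwargs).build_full_result()` call under `@AWSRetry.exponential_backoff()`, so a retryable error on a late page restarts the listing from the first page instead of retrying only the failed request. On an account with many log groups that multiplies the calls made while the API is already throttling. Both new helpers also lack docstrings; a line such as `"""Return all matching log groups, retrying the full listing on retryable errors."""` would make the retry scope explicit. The decorators rely on the default backoff settings, which are not visible in this hunk.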
@@ -89,15 +101,14 @@ def describe_log_group(client, log_group_name, module):
 if log_group_name:
 params["logGroupNamePrefix"] = log_group_name
 try:
- paginator = client.get_paginator("describe_log_groups")
- desc_log_group = paginator.paginate(**params).build_full_result()
+ desc_log_group = describe_log_groups_with_backoff(client, **params)
 except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
 module.fail_json_aws(e, msg=f"Unable to describe log group {log_group_name}")

 for log_group in desc_log_group["logGroups"]:
 log_group_name = log_group["logGroupName"]
 try:
- tags = client.list_tags_log_group(logGroupName=log_group_name)
+ tags = list_tags_log_group_with_backoff(client, log_group_name)
 except is_boto3_error_code("AccessDeniedException"):
 tags = {}
 module.warn(f"Permission denied listing tags for log group {log_group_name}")
diff --git a/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py b/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
index 259d26803..2ddbe1d5a 100644
--- a/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
+++ b/ansible_collections/amazon/aws/plugins/modules/iam_user_info.py
@@ -103,14 +103,27 @@ iam_users:
 type: dict
 returned: if user exists
 sample: '{"Env": "Prod"}'
+ login_profile:
+ description: Detailed login profile information if the user has access to log in from AWS default console. Returns an empty object {} if no access.
+ returned: always
+ type: dict
+ sample: {"create_date": "2024-03-20T12:50:56+00:00", "password_reset_required": false, "user_name": "i_am_a_user"}
 """

 from ansible_collections.amazon.aws.plugins.module_utils.iam import AnsibleIAMError
+from ansible_collections.amazon.aws.plugins.module_utils.iam import IAMErrorHandler
 from ansible_collections.amazon.aws.plugins.module_utils.iam import get_iam_group
 from ansible_collections.amazon.aws.plugins.module_utils.iam import get_iam_user
 from ansible_collections.amazon.aws.plugins.module_utils.iam import list_iam_users
 from ansible_collections.amazon.aws.plugins.module_utils.iam import normalize_iam_user
 from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule
+from ansible_collections.amazon.aws.plugins.module_utils.retries import AWSRetry
+
+
+@IAMErrorHandler.list_error_handler("get login profile", {})
+@AWSRetry.jittered_backoff()
+def check_console_access(connection, user_name):
+ return connection.get_login_profile(UserName=user_name)["LoginProfile"]


 def _list_users(connection, name, group, path):
@@ -136,6 +149,8 @@ def _list_users(connection, name, group, path):
 def list_users(connection, name, group, path):
 users = _list_users(connection, name, group, path)
 users = [u for u in users if u is not None]
+ for user in users:
+ user["LoginProfile"] = check_console_access(connection, user["UserName"])
 return [normalize_iam_user(user) for user in users]
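Review bot: `check_console_access` makes `iam:GetLoginProfile` a newly required permission for an info module, and `IAMErrorHandler.list_error_handler("get login profile", {})` is given only one fallback value. If that handler maps only a missing entity to `{}` (its body is not in this diff), a read-only role without `iam:GetLoginProfile` would fail the whole run instead of returning the users it could list. The `login_profile` description should say which case yields `{}`, for example `Returns an empty object {} if the user has no login profile.`, because "no access" can mean either that the user has no console access or that the caller lacks permission.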
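Review bot: The loop added to `list_users` issues one `get_login_profile` request per returned user, so listing every user in a large account adds N IAM calls, each with its own jittered backoff. A comment above the loop such as `# one GetLoginProfile request per user` would make that cost visible to the next maintainer. `check_console_access` also passes a literal `{}` as its fallback; if the handler returns that same object each time, users without a login profile would share one dict until `normalize_iam_user` copies it, which is worth confirming.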
@@ -147,7 +162,9 @@ def main():
 )

 module = AnsibleAWSModule(
- argument_spec=argument_spec, mutually_exclusive=[["group", "path_prefix"]], supports_check_mode=True
+ argument_spec=argument_spec,
+ mutually_exclusive=[["group", "path_prefix"]],
+ supports_check_mode=True,
 )

 name = module.params.get("name")
diff --git a/ansible_collections/amazon/aws/plugins/modules/s3_object.py b/ansible_collections/amazon/aws/plugins/modules/s3_object.py
index 2c4ebe9c3..2cd897c89 100644
--- a/ansible_collections/amazon/aws/plugins/modules/s3_object.py
+++ b/ansible_collections/amazon/aws/plugins/modules/s3_object.py
@@ -315,7 +315,9 @@ EXAMPLES = r"""
 object: /my/desired/key.txt
 src: /usr/local/myfile.txt
 mode: put
- metadata: 'Content-Encoding=gzip,Cache-Control=no-cache'
+ metadata:
+ Content-Encoding: gzip
+ Cache-Control: no-cache

 - name: PUT/upload with custom headers
 amazon.aws.s3_object:
@@ -1314,6 +1316,11 @@ def copy_object_to_bucket(module, s3, bucket, obj, encrypt, metadata, validate,
 metadata,
 )
 )
+ if metadata:
+ # 'MetadataDirective' Specifies whether the metadata is copied from the source object or replaced
+ # with metadata that's provided in the request. The default value is 'COPY', therefore when user
+ # specifies a metadata we should set it to 'REPLACE'
+ params.update({"MetadataDirective": "REPLACE"})
 s3.copy_object(aws_retry=True, **params)
 put_object_acl(module, s3, bucket, obj)
 # Tags
--
cgit v1.2.3
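Review bot: Setting `MetadataDirective` to `REPLACE` in `copy_object_to_bucket` makes S3 take all metadata from the request, so anything on the source object that `params` does not carry is dropped from the copy, not only the keys the user listed in `metadata`. Whether `params` already re-supplies values such as the content type is decided by the helper call above the hunk, which is only partly visible here. The comment should state that consequence, for example `# REPLACE discards the source object's metadata; only values sent in this request are kept`, and the `metadata` option documentation should say the same. The function begins and ends outside the hunk.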