ancestor: null releases: 1.0.0: changes: bugfixes: - '**security issue** - Convert CLI provided passwords to text initially, to prevent unsafe context being lost when converting from bytes->text during post processing of PlayContext. This prevents CLI provided passwords from being incorrectly templated (CVE-2019-14856)' - '**security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` to maintain unsafe context by overriding ``.encode`` and ``.decode``. This prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` removing the unsafe wrapper when converting between string types (CVE-2019-14856)' - azure_rm_dnsrecordset_info - no longer returns empty ``azure_dnsrecordset`` facts when called as ``_info`` module. - azure_rm_resourcegroup_info - no longer returns ``azure_resourcegroups`` facts when called as ``_info`` module. - azure_rm_storageaccount_info - no longer returns empty ``azure_storageaccounts`` facts when called as ``_info`` module. - azure_rm_virtualmachineimage_info - no longer returns empty ``azure_vmimages`` facts when called as ``_info`` module. - azure_rm_virtualmachinescaleset_info - fix wrongly empty result, or ``ansible_facts`` result, when called as ``_info`` module. - azure_rm_virtualnetwork_info - no longer returns empty ``azure_virtualnetworks`` facts when called as ``_info`` module. - cloudfront_distribution - Always add field_level_encryption_id to cache behaviour to match AWS requirements - cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does not have a retention period (https://github.com/ansible/ansible/issues/47945) - cloudwatchlogs_log_group_info - remove limitation of max 50 results - ec2_asg - Ensure ``wait`` is honored during replace operations - ec2_launch_template - Update output to include latest_version and default_version, matching the documentation - ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing transit gateways - ec2_transit_gateway - fixed issue where auto_attach set to yes was not being honored (https://github.com/ansible/ansible/issues/61907) - edgeos_config - fix issue where module would silently filter out encrypted passwords - fixed issue with sns_topic's delivery_policy option resulting in changed always being true - lineinfile - properly handle inserting a line when backrefs are enabled and the line already exists in the file (https://github.com/ansible/ansible/issues/63756) - route53 - improve handling of octal encoded characters - win_credential - Fix issue that errors when trying to add a ``name`` with wildcards. deprecated_features: - cloudformation - The ``template_format`` option had no effect since Ansible 2.3 and will be removed after 2022-06-01 - data_pipeline - The ``version`` option had no effect and will be removed after 2022-06-01 - ec2_eip - The ``wait_timeout`` option had no effect and will be removed after 2022-06-01 - ec2_key - The ``wait_timeout`` option had no effect and will be removed after 2022-06-01 - ec2_key - The ``wait`` option had no effect and will be removed after 2022-06-01 - ec2_lc - The ``associate_public_ip_address`` option had no effect and will be removed after 2022-06-01 - elb_network_lb - The current default value of the ``state`` option has been deprecated and will change from absent to present after 2022-06-01 - iam_managed_policy - The ``fail_on_delete`` option had no effect and will be removed after 2022-06-01 - iam_policy - The ``policy_document`` will be removed after 2022-06-01. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. - iam_policy - The default value of ``skip_duplicates`` will change after 2022-06-01 from ``true`` to ``false``. - iam_role - The default value of the purge_policies has been deprecated and will change from true to false after 2022-06-01 - s3_lifecycle - The ``requester_pays`` option had no effect and will be removed after 2022-06-01 - s3_sync - The ``retries`` option had no effect and will be removed after 2022-06-01 minor_changes: - Allow all params that boto support in aws_api_gateway module - aws_acm - Add the module to group/aws for module_defaults. - aws_acm - Update automatic retries to stabilize the integration tests. - aws_codecommit - Support updating the description - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. - aws_kms - code refactor, some error messages updated - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. - ec2_asg - Add support for Max Instance Lifetime - ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups - ec2_asg - Migrated to AnsibleAWSModule - ec2_placement_group - make ``name`` a required field. - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. - elb_network_lb - added support to UDP and TCP_UDP protocols - elb_target - add awsretry to prevent rate exceeded errors (https://github.com/ansible/ansible/issues/51108) - elb_target_group - allow UDP and TCP_UDP protocols; permit only HTTP/HTTPS health checks using response codes and paths - iam - make ``name`` a required field. - iam_cert - make ``name`` a required field. - iam_policy - The iam_policy module has been migrated from boto to boto3. - iam_policy - make ``iam_name`` a required field. - iam_role - Add support for managing the maximum session duration - iam_role - Add support for removing the related instance profile when we delete the role - iam_role, iam_user and iam_group - the managed_policy option has been renamed to managed_policies (with an alias added) - iam_role, iam_user and iam_group - the purge_policy option has been renamed to purge_policies (with an alias added) - lambda - add a tracing_mode parameter to set the TracingConfig for AWS X-Ray. Also allow updating Lambda runtime. - purefa_volume - Change I(qos) parameter to I(bw_iops), but retain I(qos) as an alias for backwards compatibility (https://github.com/ansible/ansible/pull/61577). - redshift - Add AWSRetry calls for errors outside our control - route53 - the module now has diff support. - sns_topic - Add backoff when we get Topic ``NotFound`` exceptions while listing the subscriptions. - sqs_queue - Add support for tagging, KMS and FIFO queues - sqs_queue - updated to use boto3 instead of boto fragments: - 480004-cloudwatchlogs_log_group-KeyError.yaml - 56468-deprecate-lnb-absent.yml - 58118-aws_api_gateway-params.yml - 58822-aws-lamda-tracing-config.yaml - 59597-ecs-allow_default_network_mode.yml - 60508-route53-improve-octal-characters-handling.yml - 60944-sns_topic-delivery_policy-changed.yml - 61263-aws_codecommit-description.yml - 61271-cloudfront_distribution-encryptionid.yml - 61279-ec2_launch_template-output.yml - 61577-support-iops-in-purefa_volume.yml - 61805-azure-facts-info.yml - 61933-ec2_transit_gateway-honor-auto_attach-setting.yaml - 62014-iam_role_session_instanceprofile.yml - 63362-remove-edgeos-filtering.yaml - 63924-boto3.yml - 63961-deprecate-fail_on_delete.yml - 63989-deprecate-unused.yml - 64230-deprecate-unused.yml - 64258-purge_policies.yml - 64368-deprecate-unused.yml - 64598-add-next-token-support.yml - 64867-route53-diff.yml - 65265-allow-udp-tcpudp-protocol.yaml - 65555-amazon-sanity-required.yml - 65557-iam-make-name-required.yml - 65558-iam_cert-require-name.yml - 65559-iam_policy-require-iam_name.yml - 66037-aws_kms.yml - 66673-elb_target-awsretry.yaml - 66779-redshift-backoff.yml - 66795-sqs_queue-boto3.yaml - 66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml - 67045-ec2_asg_mixed_instance_policy.yml - 67089-sns_topic-notfound-backoff.yaml - 67247-fix-ec2_transit_gateway-retries.yaml - 67651-aws-kms-key-rotation.yml - 67671-aws_acm-module_defaults.yaml - 67770-aws-kms-info-key-rotation.yml - dont-template-cli-passwords.yml - lineinfile-backrefs-match-object-type.yaml - win_credential-wildcard.yaml modules: - description: Upload and delete certificates in the AWS Certificate Manager service name: aws_acm namespace: '' - description: Retrieve certificate information from AWS Certificate Manager service name: aws_acm_info namespace: '' - description: Manage AWS API Gateway APIs name: aws_api_gateway namespace: '' - description: Manage Application Auto Scaling Scaling Policies name: aws_application_scaling_policy namespace: '' - description: Manage AWS Batch Compute Environments name: aws_batch_compute_environment namespace: '' - description: Manage AWS Batch Job Definitions name: aws_batch_job_definition namespace: '' - description: Manage AWS Batch Job Queues name: aws_batch_job_queue namespace: '' - description: Create or delete an AWS CodeBuild project name: aws_codebuild namespace: '' - description: Manage repositories in AWS CodeCommit name: aws_codecommit namespace: '' - description: Create or delete AWS CodePipelines name: aws_codepipeline namespace: '' - description: Manage cross-account AWS Config authorizations name: aws_config_aggregation_authorization namespace: '' - description: Manage AWS Config aggregations across multiple accounts name: aws_config_aggregator namespace: '' - description: Manage AWS Config delivery channels name: aws_config_delivery_channel namespace: '' - description: Manage AWS Config Recorders name: aws_config_recorder namespace: '' - description: Manage AWS Config resources name: aws_config_rule namespace: '' - description: Creates, deletes, modifies a DirectConnect connection name: aws_direct_connect_connection namespace: '' - description: Manage AWS Direct Connect gateway name: aws_direct_connect_gateway namespace: '' - description: Manage Direct Connect LAG bundles name: aws_direct_connect_link_aggregation_group namespace: '' - description: Manage Direct Connect virtual interfaces name: aws_direct_connect_virtual_interface namespace: '' - description: Manage Elastic Kubernetes Service Clusters name: aws_eks_cluster namespace: '' - description: Create, update, and delete an elastic beanstalk application name: aws_elasticbeanstalk_app namespace: '' - description: Manage an AWS Glue connection name: aws_glue_connection namespace: '' - description: Manage an AWS Glue job name: aws_glue_job namespace: '' - description: Create, Update and Delete Amazon Inspector Assessment Targets name: aws_inspector_target namespace: '' - description: Perform various KMS management tasks. name: aws_kms namespace: '' - description: Gather information about AWS KMS keys name: aws_kms_info namespace: '' - description: Gather information about AWS regions. name: aws_region_info namespace: '' - description: Lists S3 buckets in AWS name: aws_s3_bucket_info namespace: '' - description: Manage CORS for S3 buckets in AWS name: aws_s3_cors namespace: '' - description: Manage secrets stored in AWS Secrets Manager. name: aws_secret namespace: '' - description: Manages SES email and domain identity name: aws_ses_identity namespace: '' - description: Manages SES sending authorization policies name: aws_ses_identity_policy namespace: '' - description: Manages SES inbound receipt rule sets name: aws_ses_rule_set namespace: '' - description: Fetch AWS Storage Gateway information name: aws_sgw_info namespace: '' - description: Manage key-value pairs in aws parameter store. name: aws_ssm_parameter_store namespace: '' - description: Manage AWS Step Functions state machines name: aws_step_functions_state_machine namespace: '' - description: Start or stop execution of an AWS Step Functions state machine. name: aws_step_functions_state_machine_execution namespace: '' - description: Create and delete WAF Conditions name: aws_waf_condition namespace: '' - description: Retrieve information for WAF ACLs, Rule , Conditions and Filters. name: aws_waf_info namespace: '' - description: Create and delete WAF Rules name: aws_waf_rule namespace: '' - description: Create and delete WAF Web ACLs. name: aws_waf_web_acl namespace: '' - description: Read a value from CloudFormation Exports name: cloudformation_exports_info namespace: '' - description: Manage groups of CloudFormation stacks name: cloudformation_stack_set namespace: '' - description: Create, update and delete AWS CloudFront distributions. name: cloudfront_distribution namespace: '' - description: Obtain facts about an AWS CloudFront distribution name: cloudfront_info namespace: '' - description: create invalidations for AWS CloudFront distributions name: cloudfront_invalidation namespace: '' - description: Create, update and delete origin access identities for a CloudFront distribution name: cloudfront_origin_access_identity namespace: '' - description: manage CloudTrail create, delete, update name: cloudtrail namespace: '' - description: Manage CloudWatch Event rules and targets name: cloudwatchevent_rule namespace: '' - description: create or delete log_group in CloudWatchLogs name: cloudwatchlogs_log_group namespace: '' - description: Get information about log_group in CloudWatchLogs name: cloudwatchlogs_log_group_info namespace: '' - description: Manage CloudWatch log group metric filter name: cloudwatchlogs_log_group_metric_filter namespace: '' - description: Create and manage AWS Datapipelines name: data_pipeline namespace: '' - description: Creates or destroys a data migration services endpoint name: dms_endpoint namespace: '' - description: creates or destroys a data migration services subnet group name: dms_replication_subnet_group namespace: '' - description: Create, update or delete AWS Dynamo DB tables name: dynamodb_table namespace: '' - description: Set TTL for a given DynamoDB table name: dynamodb_ttl namespace: '' - description: copies AMI between AWS regions, return new image id name: ec2_ami_copy namespace: '' - description: Create or delete AWS AutoScaling Groups (ASGs) name: ec2_asg namespace: '' - description: Gather information about ec2 Auto Scaling Groups (ASGs) in AWS name: ec2_asg_info namespace: '' - description: Create, delete or update AWS ASG Lifecycle Hooks. name: ec2_asg_lifecycle_hook namespace: '' - description: Manage an AWS customer gateway name: ec2_customer_gateway namespace: '' - description: Gather information about customer gateways in AWS name: ec2_customer_gateway_info namespace: '' - description: manages EC2 elastic IP (EIP) addresses. name: ec2_eip namespace: '' - description: List EC2 EIP details name: ec2_eip_info namespace: '' - description: De-registers or registers instances from EC2 ELBs name: ec2_elb namespace: '' - description: Gather information about EC2 Elastic Load Balancers in AWS name: ec2_elb_info namespace: '' - description: Create & manage EC2 instances name: ec2_instance namespace: '' - description: Gather information about ec2 instances in AWS name: ec2_instance_info namespace: '' - description: Manage EC2 launch templates name: ec2_launch_template namespace: '' - description: Create or delete AWS Autoscaling Launch Configurations name: ec2_lc namespace: '' - description: Find AWS Autoscaling Launch Configurations name: ec2_lc_find namespace: '' - description: Gather information about AWS Autoscaling Launch Configurations. name: ec2_lc_info namespace: '' - description: Create/update or delete AWS Cloudwatch 'metric alarms' name: ec2_metric_alarm namespace: '' - description: Create or delete an EC2 Placement Group name: ec2_placement_group namespace: '' - description: List EC2 Placement Group(s) details name: ec2_placement_group_info namespace: '' - description: Create or delete AWS scaling policies for Autoscaling groups name: ec2_scaling_policy namespace: '' - description: Copies an EC2 snapshot and returns the new Snapshot ID. name: ec2_snapshot_copy namespace: '' - description: Create and delete AWS Transit Gateways name: ec2_transit_gateway namespace: '' - description: Gather information about ec2 transit gateways in AWS name: ec2_transit_gateway_info namespace: '' - description: Manage an AWS VPC Egress Only Internet gateway name: ec2_vpc_egress_igw namespace: '' - description: Create and delete AWS VPC Endpoints. name: ec2_vpc_endpoint namespace: '' - description: Retrieves AWS VPC endpoints details using AWS methods. name: ec2_vpc_endpoint_info namespace: '' - description: Manage an AWS VPC Internet gateway name: ec2_vpc_igw namespace: '' - description: Gather information about internet gateways in AWS name: ec2_vpc_igw_info namespace: '' - description: create and delete Network ACLs. name: ec2_vpc_nacl namespace: '' - description: Gather information about Network ACLs in an AWS VPC name: ec2_vpc_nacl_info namespace: '' - description: Manage AWS VPC NAT Gateways. name: ec2_vpc_nat_gateway namespace: '' - description: Retrieves AWS VPC Managed Nat Gateway details using AWS methods. name: ec2_vpc_nat_gateway_info namespace: '' - description: create, delete, accept, and reject VPC peering connections between two VPCs. name: ec2_vpc_peer namespace: '' - description: Retrieves AWS VPC Peering details using AWS methods. name: ec2_vpc_peering_info namespace: '' - description: Manage route tables for AWS virtual private clouds name: ec2_vpc_route_table namespace: '' - description: Gather information about ec2 VPC route tables in AWS name: ec2_vpc_route_table_info namespace: '' - description: Create and delete AWS VPN Virtual Gateways. name: ec2_vpc_vgw namespace: '' - description: Gather information about virtual gateways in AWS name: ec2_vpc_vgw_info namespace: '' - description: Create, modify, and delete EC2 VPN connections. name: ec2_vpc_vpn namespace: '' - description: Gather information about VPN Connections in AWS. name: ec2_vpc_vpn_info namespace: '' - description: Gets the default administrator password for ec2 windows instances name: ec2_win_password namespace: '' - description: manage ecs attributes name: ecs_attribute namespace: '' - description: Create or terminate ECS clusters. name: ecs_cluster namespace: '' - description: Manage Elastic Container Registry repositories name: ecs_ecr namespace: '' - description: Create, terminate, start or stop a service in ECS name: ecs_service namespace: '' - description: List or describe services in ECS name: ecs_service_info namespace: '' - description: create and remove tags on Amazon ECS resources name: ecs_tag namespace: '' - description: Run, start or stop a task in ecs name: ecs_task namespace: '' - description: register a task definition in ecs name: ecs_taskdefinition namespace: '' - description: Describe a task definition in ECS name: ecs_taskdefinition_info namespace: '' - description: create and maintain EFS file systems name: efs namespace: '' - description: Get information about Amazon EFS file systems name: efs_info namespace: '' - description: Manage cache clusters in Amazon ElastiCache name: elasticache namespace: '' - description: Retrieve information for AWS ElastiCache clusters name: elasticache_info namespace: '' - description: Manage cache parameter groups in Amazon ElastiCache. name: elasticache_parameter_group namespace: '' - description: Manage cache snapshots in Amazon ElastiCache name: elasticache_snapshot namespace: '' - description: manage ElastiCache subnet groups name: elasticache_subnet_group namespace: '' - description: Manage an Application load balancer name: elb_application_lb namespace: '' - description: Gather information about application ELBs in AWS name: elb_application_lb_info namespace: '' - description: Creates or destroys Amazon ELB. name: elb_classic_lb namespace: '' - description: Gather information about EC2 Elastic Load Balancers in AWS name: elb_classic_lb_info namespace: '' - description: De-registers or registers instances from EC2 ELBs name: elb_instance namespace: '' - description: Manage a Network Load Balancer name: elb_network_lb namespace: '' - description: Manage a target in a target group name: elb_target namespace: '' - description: Manage a target group for an Application or Network load balancer name: elb_target_group namespace: '' - description: Gather information about ELB target groups in AWS name: elb_target_group_info namespace: '' - description: Gathers which target groups a target is associated with. name: elb_target_info namespace: '' - description: Execute an AWS Lambda function name: execute_lambda namespace: '' - description: Manage IAM users, groups, roles and keys name: iam namespace: '' - description: Manage server certificates for use on ELBs and CloudFront name: iam_cert namespace: '' - description: Manage AWS IAM groups name: iam_group namespace: '' - description: Manage User Managed IAM policies name: iam_managed_policy namespace: '' - description: List the MFA (Multi-Factor Authentication) devices registered for a user name: iam_mfa_device_info namespace: '' - description: Update an IAM Password Policy name: iam_password_policy namespace: '' - description: Manage inline IAM policies for users, groups, and roles name: iam_policy namespace: '' - description: Retrieve inline IAM policies for users, groups, and roles name: iam_policy_info namespace: '' - description: Manage AWS IAM roles name: iam_role namespace: '' - description: Gather information on IAM roles name: iam_role_info namespace: '' - description: Maintain IAM SAML federation configuration. name: iam_saml_federation namespace: '' - description: Retrieve the information of a server certificate name: iam_server_certificate_info namespace: '' - description: Manage AWS IAM users name: iam_user namespace: '' - description: Gather IAM user(s) facts in AWS name: iam_user_info namespace: '' - description: Manage a Kinesis Stream. name: kinesis_stream namespace: '' - description: Manage AWS Lambda functions name: lambda namespace: '' - description: Creates, updates or deletes AWS Lambda function aliases name: lambda_alias namespace: '' - description: Creates, updates or deletes AWS Lambda function event mappings name: lambda_event namespace: '' - description: Gathers AWS Lambda function details as Ansible facts name: lambda_facts namespace: '' - description: Gathers AWS Lambda function details name: lambda_info namespace: '' - description: Creates, updates or deletes AWS Lambda policy statements. name: lambda_policy namespace: '' - description: Manage instances in AWS Lightsail name: lightsail namespace: '' - description: create, delete, or modify Amazon rds instances, rds snapshots, and related facts name: rds namespace: '' - description: Manage RDS instances name: rds_instance namespace: '' - description: obtain information about one or more RDS instances name: rds_instance_info namespace: '' - description: manage RDS parameter groups name: rds_param_group namespace: '' - description: manage Amazon RDS snapshots. name: rds_snapshot namespace: '' - description: obtain information about one or more RDS snapshots name: rds_snapshot_info namespace: '' - description: manage RDS database subnet groups name: rds_subnet_group namespace: '' - description: Manage Redshift Cross Region Snapshots name: redshift_cross_region_snapshots namespace: '' - description: Gather information about Redshift cluster(s) name: redshift_info namespace: '' - description: add or delete entries in Amazons Route53 DNS service name: route53 namespace: '' - description: Add or delete health-checks in Amazons Route53 DNS service name: route53_health_check namespace: '' - description: Retrieves route53 details using AWS methods name: route53_info namespace: '' - description: add or delete Route53 zones name: route53_zone namespace: '' - description: Creates, updates or deletes S3 Bucket notification for lambda name: s3_bucket_notification namespace: '' - description: Manage s3 bucket lifecycle rules in AWS name: s3_lifecycle namespace: '' - description: Manage logging facility of an s3 bucket in AWS name: s3_logging namespace: '' - description: Efficiently upload multiple files to S3 name: s3_sync namespace: '' - description: Configure an s3 bucket as a website name: s3_website namespace: '' - description: Send Amazon Simple Notification Service messages name: sns namespace: '' - description: Manages AWS SNS topics and subscriptions name: sns_topic namespace: '' - description: Creates or deletes AWS SQS queues. name: sqs_queue namespace: '' - description: Assume a role using AWS Security Token Service and obtain temporary credentials name: sts_assume_role namespace: '' - description: Obtain a session token from the AWS Security Token Service name: sts_session_token namespace: '' release_date: '2020-06-24' 1.1.0: changes: deprecated_features: - data_pipeline - the ``version`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed in a later release. It has had no effect since Ansible 2.3. - ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. - elb_network_lb - in a later release, the default behaviour for the ``state`` option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. - iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. - iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. - iam_policy - the ``policy_document`` option has been deprecated and will be removed after a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. - iam_role - in a later release, the ``purge_policies`` option (also know as ``purge_policy``) default value will change from ``true`` to ``false`` - s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. - s3_sync - the ``retries`` option has been deprecated and will be removed after 2022-06-01. It has always been ignored by the module. minor_changes: - Remaining community.aws AnsibleModule based modules migrated to AnsibleAWSModule. - sanity - add future imports in all missing places. fragments: - 173-ansibleawsmodule.yaml - porting-guide.yml - sanity_fix_future_boilerplate.yml release_date: '2020-08-13' 1.2.0: changes: bugfixes: - aws_codecommit - fixes issue where module execution would fail if an existing repository has empty description (https://github.com/ansible-collections/community.aws/pull/195) - aws_kms_info - fixes issue where module execution fails because certain AWS KMS keys (e.g. aws/acm) do not permit the calling the API kms:GetKeyRotationStatus (example - https://forums.aws.amazon.com/thread.jspa?threadID=312992) (https://github.com/ansible-collections/community.aws/pull/199) - ec2_instance - Fix a bug where tags were updated in check_mode. - ec2_instance - fixes issue where security groups were not changed if the instance already existed. https://github.com/ansible-collections/community.aws/pull/22 - iam - Fix false positive warning regarding use of ``no_log`` on ``update_password`` minor_changes: - Add retries for aws_api_gateway when AWS throws ``TooManyRequestsException`` - Migrate the remaning boto3 based modules to the module based helpers for creating AWS connections. fragments: - 161-retries.yml - 188-boto3_conn.yml - 189-ec2_instance-check_mode-tags.yml - 195-aws_codecommit-empty-description.yaml - 199-aws_kms_info-key-rotation-status.yaml - 22-ec2_instance-mod-sgs.yml - iam_no_log.yml release_date: '2020-08-28' 1.2.1: changes: bugfixes: - aws_ssm connection plugin - namespace file uploads to S3 into unique folders per host, to prevent name collisions. Also deletes files from S3 to ensure temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, https://github.com/ansible-collections/community.aws/issues/222) - rds_instance - fixed tag type conversion issue for creating read replicas. minor_changes: - aws_ssm connection plugin - Change the (internal) variable name from timeout to plugin_timeout to avoid conflicts with ansible/ansible default timeout (#69284, - aws_ssm connection plugin - add STS token options to aws_ssm connection plugin. - ec2_scaling_policy - Add support for step_adjustments - ec2_scaling_policy - Migrate from boto to boto3 - rds_subnet_group module - Add Boto3 support and remove Boto support. fragments: - 197-ec2_scaling_policy-boto3.yml - 221_222_ssm_bucket_operations.yaml - 224-port-rds_subnet_group-boto3.yaml - 229-fix-type-conversion-for-creating-read-replicas.yaml - 234-fix_ssm_inventory_plugin_timeout_var.yaml - 25-add-sts-token-to-aws-ssm-conn-plugin.yaml release_date: '2020-10-07' 1.3.0: changes: bugfixes: - aws_kms_info - fixed incompatibility with external and custom key-store keys. The module was attempting to call ``GetKeyRotationStatus``, which raises ``UnsupportedOperationException`` for these key types (https://github.com/ansible-collections/community.aws/pull/311). - ec2_win_password - on success return state as not changed (https://github.com/ansible-collections/community.aws/issues/145) - ec2_win_password - return failed if unable to decode the password (https://github.com/ansible-collections/community.aws/issues/142) - ecs_service - fix element type for ``load_balancers`` parameter (https://github.com/ansible-collections/community.aws/issues/265). - ecs_taskdefinition - fixes elements type for ``containers`` parameter (https://github.com/ansible-collections/community.aws/issues/264). - iam_policy - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). - iam_policy_info - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). - kinesis_stream - fixes issue where kinesis streams with > 100 shards get stuck in an infinite loop (https://github.com/ansible-collections/community.aws/pull/93) - s3_sync - fix chunk_size calculation (https://github.com/ansible-collections/community.aws/issues/272) deprecated_features: - ec2_vpc_igw_info - After 2022-06-22 the ``convert_tags`` parameter default value will change from ``False`` to ``True`` to match the collection standard behavior (https://github.com/ansible-collections/community.aws/pull/318). minor_changes: - ec2_vpc_igw - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). - ec2_vpc_igw - Add ``purge_tags`` parameter so that tags can be added without purging existing tags to match the collection standard tagging behaviour (https://github.com/ansible-collections/community.aws/pull/318). - ec2_vpc_igw_info - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). - ec2_vpc_igw_info - Add ``convert_tags`` parameter so that tags can be returned in standard dict format rather than the both list of dict format (https://github.com/ansible-collections/community.aws/pull/318). - rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241). - redshift - add support for setting tags. - s3_lifecycle - Add support for intelligent tiering and deep archive storage classes (https://github.com/ansible-collections/community.aws/issues/270) fragments: - 244-rds_instance-no_log.yml - 264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml - 265-fix-element-type-ecs_service.yml - 270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml - 273-fix-s3sync-etag-calculation.yaml - 283-fixed-ec2_win_password-return-state.yaml - 311-fix-aws_kms_info-external-keys.yaml - 318-cleanup-vpc_igw.yml - 324-add-jittered-backoff-to-iam_policy-modules.yaml - 34-redshift-tags.yml - 93-kinesis_stream-get-more-shards-resolve.yml modules: - description: Manage s3 bucket metrics configuration in AWS name: s3_metrics_configuration namespace: '' release_date: '2020-12-10' 1.4.0: changes: bugfixes: - aws_kms - fixes issue where module execution fails without the kms:GetKeyRotationStatus permission. (https://github.com/ansible-collections/community.aws/pull/200). - aws_kms_info - ensure that searching by tag works when tag only exists on some CMKs (https://github.com/ansible-collections/community.aws/issues/276). - aws_s3_cors - fix element type for rules parameter. (https://github.com/ansible-collections/community.aws/pull/408). - aws_ssm - fix the generation of CURL URL used to download Ansible Python file from S3 bucket by ``_get_url()`` due to due to non-assignment of aws region in the URL and not using V4 signature as specified for AWS S3 signature URL by ``_get_boto_client()`` in (https://github.com/ansible-collections/community.aws/pull/352). - aws_ssm - fixed ``UnicodeEncodeError`` error when using unicode file names (https://github.com/ansible-collections/community.aws/pull/295). - ec2_eip - fix eip association by instance id & private ip address due to case-sensitivity of the ``PrivateIpAddress`` parameter (https://github.com/ansible-collections/community.aws/pull/328). - ec2_vpc_endpoint - ensure ``changed`` is correctly set when deleting an endpoint (https://github.com/ansible-collections/community.aws/pull/362). - ec2_vpc_endpoint - fix exception when attempting to delete an endpoint which has already been deleted (https://github.com/ansible-collections/community.aws/pull/362). - ecs_task - use ``required_if`` to enforce mandatory parameters based on specified operation (https://github.com/ansible-collections/community.aws/pull/402). - elb_application_lb - during the removal of an instance, the associated listeners are also removed. deprecated_features: - ec2_eip - formally deprecate the ``instance_id`` alias for ``device_id`` (https://github.com/ansible-collections/community.aws/pull/349). - ec2_vpc_endpoint - deprecate the policy_file option and recommend using policy with a lookup (https://github.com/ansible-collections/community.aws/pull/366). minor_changes: - aws_kms - add support for setting the deletion window using ``pending_window`` (PendingWindowInDays) (https://github.com/ansible-collections/community.aws/pull/200). - aws_kms_info - Add ``key_id`` and ``alias`` parameters to support fetching a single key (https://github.com/ansible-collections/community.aws/pull/200). - dynamodb_ttl - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). - ec2_instance - add automatic retries on all paginated queries for temporary errors (https://github.com/ansible-collections/community.aws/pull/373). - ec2_instance - migrate to shared implementation of get_ec2_security_group_ids_from_names. The module will now return an error if the subnet provided isn't in the requested VPC. (https://github.com/ansible-collections/community.aws/pull/214) - ec2_instance_info - added ``minimum_uptime`` option with alias ``uptime`` for filtering instances that have only been online for certain duration of time in minutes (https://github.com/ansible-collections/community.aws/pull/356). - ec2_launch_template - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/326). - ec2_vpc_peer - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). - ecs_task - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). - route53 - migrated from boto to boto3 (https://github.com/ansible-collections/community.aws/pull/405). - various community.aws modules - cleanup error handling to use ``is_boto3_error_code`` and ``is_boto3_error_message`` helpers (https://github.com/ansible-collections/community.aws/pull/268). - various community.aws modules - cleanup of Python imports (https://github.com/ansible-collections/community.aws/pull/360). - various community.aws modules - improve consistency of handling Boto3 exceptions (https://github.com/ansible-collections/community.aws/pull/268). - various community.aws modules - migrate exception error message handling from fail_json to fail_json_aws (https://github.com/ansible-collections/community.aws/pull/361). fragments: - 200-aws_kms-deletion.yaml - 214-get_ec2_security_group_ids_from_names.yml - 268-is_boto3_error.yml - 280-cleanup-botocore_at_least.yml - 295-connection-aws_ssm.yml - 326-launch_template_retry.yml - 328-fix-ec2_eip-instance-id-private-ip-address.yml - 349-ec2_eip-deprecate-instance_id.yml - 350_elb_application_lb_purges_listeners.yaml - 352-fix-aws-region-and-v4-signature-for-s3-boto-client.yml - 356_add_minimum_uptime_parameter.yaml - 360-imports-cleanup.yml - 361-fail_json_aws.yml - 362-ec2_vpc_endpoint-deletion-changed.yml - 366-ec2_vpc_endpoint-policy_file.yml - 373-ec2_instance-retry-pagination.yml - 402-ecs_task-mandatory_params.yml - 404-fix-dict-element-for-rule-param-in-aws-s3-cors.yml - 405-route53-boto3.yml release_date: '2021-02-16' 1.5.0: changes: bugfixes: - aws_ssm - Adds destructor to SSM connection plugin to ensure connections are properly cleaned up after usage (https://github.com/ansible-collections/community.aws/pull/542). - aws_ssm - enable aws ssm connections if **AWS_SESSION_TOKEN** is missing (https://github.com/ansible-collections/community.aws/pull/535). - cloudtrail - fix always reporting changed = true when kms alias used (https://github.com/ansible-collections/community.aws/pull/506). - cloudtrail - fix lower casing of tag keys (https://github.com/ansible-collections/community.aws/pull/506). - ec2_asg - fix target group update logic (https://github.com/ansible-collections/community.aws/pull/493). - ec2_instance - ensure that termination protection isn't modified when using check_mode (https://github.com/ansible/ansible/issues/67716). - ec2_instance - fix key errors when instance has no tags (https://github.com/ansible-collections/community.aws/pull/476). - ec2_launch_template - ensure that empty parameters are properly removed before passing to AWS (https://github.com/ansible-collections/community.aws/issues/230). - ec2_launch_template - fixes parameter validation failure when passing a instance profile ARN instead of just the role name (https://github.com/ansible-collections/community.aws/pull/371). - ec2_vpc_peer - fix idempotency when rejecting and deleting peering connections (https://github.com/ansible-collections/community.aws/pull/501). - ec2_vpc_route_table - catch RouteAlreadyExists error when rerunning same task twice to make module idempotent (https://github.com/ansible-collections/community.aws/issues/357). - elasticache - Fix ``KeyError`` issue when updating security group (https://github.com/ansible-collections/community.aws/pull/410). - kinesis_stream - fixed issue where streams get marked as changed even if no encryption actions were necessary (https://github.com/ansible/ansible/issues/65928). - rds_instance - fixes bug preventing the use of tags when creating an RDS instance from a snapshot (https://github.com/ansible-collections/community.aws/issues/530). - route53 - ensure that the old return values are re-added along side the new ones (https://github.com/ansible-collections/community.aws/issues/523). - route53 - fix ``AttributeError`` in ``get_zone_id_by_name`` when a vpc_id on a private zone is provided (https://github.com/ansible-collections/community.aws/issues/509). - route53 - fix handling for characters escaped by AWS in record names, like ``*`` and ``@``. This fixes idempotency for such record names (https://github.com/ansible-collections/community.aws/issues/524). - route53 - fix when using ``state=get`` on private DNS zones and add tests to cover this scenario (https://github.com/ansible-collections/community.aws/pull/424). - route53 - make sure that CAA values order is again ignored during idempotency comparsion (https://github.com/ansible-collections/community.aws/issues/524). - sns_topic - Add ``+`` to allowable characters in SMS endpoints (https://github.com/ansible-collections/community.aws/pull/454). - sqs_queue - fix UnboundLocalError when passing a boolean parameter (https://github.com/ansible-collections/community.aws/issues/172). deprecated_features: - ec2_vpc_endpoint_info - the ``query`` option has been deprecated and will be removed after 2022-12-01 (https://github.com/ansible-collections/community.aws/pull/346). The ec2_vpc_endpoint_info now defaults to listing information about endpoints. The ability to search for information about available services has been moved to the dedicated module ``ec2_vpc_endpoint_service_info``. minor_changes: - aws_config_aggregator - Fix typos in attribute names (https://github.com/ansible-collections/community.aws/pull/553). - aws_glue_connection - Added multple connection types (https://github.com/ansible-collections/community.aws/pull/503). - aws_glue_connection - Added support for check mode (https://github.com/ansible-collections/community.aws/pull/503). - aws_glue_job - added ``number_of_workers``, ``worker_type`` and ``glue_version`` attributes to the module (https://github.com/ansible-collections/community.aws/pull/370). - aws_region_info - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/422). - aws_s3_bucket_info - new module options ``name``, ``name_filter``, ``bucket_facts`` and ``transform_location`` (https://github.com/ansible-collections/community.aws/pull/260). - aws_ssm connection plugin - add support for specifying a profile to be used when connecting (https://github.com/ansible-collections/community.aws/pull/278). - aws_ssm_parameter_store - added tier parameter option (https://github.com/ansible/ansible/issues/59738). - ec2_asg module - add support for all mixed_instances_policy parameters (https://github.com/ansible-collections/community.aws/issues/231). - ec2_asg_info - gather information about asg lifecycle hooks (https://github.com/ansible-collections/community.aws/pull/233). - ec2_instance - wait for new instances to return a status before attempting to set additional parameters (https://github.com/ansible-collections/community.aws/pull/533). - ec2_instance_info - add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/521). - ec2_launch_template - added ``metadata_options`` parameter to support changing the IMDS configuration for instances (https://github.com/ansible-collections/community.aws/pull/322). - ec2_metric_alarm - Added support for check mode (https://github.com/ansible-collections/community.aws/pull/470). - ec2_metric_alarm - Made ``unit`` parameter optional (https://github.com/ansible-collections/community.aws/pull/470). - ec2_vpc_egress_igw - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/421). - ec2_vpc_endpoint - Add retries on common AWS failures. (https://github.com/ansible-collections/community.aws/pull/473) - ec2_vpc_endpoint - Added support for specifying ``vpc_endpoint_type`` (https://github.com/ansible-collections/community.aws/pull/460). - ec2_vpc_endpoint - The module now supports tagging endpoints. (https://github.com/ansible-collections/community.aws/pull/473) - ec2_vpc_endpoint - The module will now lookup existing endpoints and try to match on the provided parameters before creating a new endpoint for better idempotency. (https://github.com/ansible-collections/community.aws/pull/473) - ec2_vpc_endpoint_info - ensure paginated endpoint description is retried on common AWS failures (https://github.com/ansible-collections/community.aws/pull/537). - ec2_vpc_endpoint_info - use boto3 paginator when fetching services (https://github.com/ansible-collections/community.aws/pull/537). - ec2_vpc_endpoint_service_info - new module added for fetching information about available VPC endpoint services (https://github.com/ansible-collections/community.aws/pull/346). - ec2_vpc_nacl - add support for IPv6 (https://github.com/ansible-collections/community.aws/pull/398). - ec2_vpc_nat_gateway - add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/427). - ec2_vpc_nat_gateway - code cleaning (https://github.com/ansible-collections/community.aws/pull/445) - ec2_vpc_nat_gateway - imporove documentation (https://github.com/ansible-collections/community.aws/pull/445) - ec2_vpc_nat_gateway - improve error handling (https://github.com/ansible-collections/community.aws/pull/445) - ec2_vpc_nat_gateway - use custom waiters to manage NAT gateways states (deleted and available) (https://github.com/ansible-collections/community.aws/pull/445) - ec2_vpc_nat_gateway - use pagination on describe calls to ensure all results are fetched (https://github.com/ansible-collections/community.aws/pull/427). - ec2_vpc_nat_gateway_info - Add paginator (https://github.com/ansible-collections/community.aws/pull/472). - ec2_vpc_nat_gateway_info - Improve documentation (https://github.com/ansible-collections/community.aws/pull/472). - ec2_vpc_nat_gateway_info - Improve error handling (https://github.com/ansible-collections/community.aws/pull/472) - ec2_vpc_nat_gateway_info - Use normalize_boto3_result (https://github.com/ansible-collections/community.aws/pull/472) - ec2_vpc_nat_gateway_info - solve RequestLimitExceeded error by adding retry decorator (https://github.com/ansible-collections/community.aws/pull/446) - ec2_vpc_peer - More return info added, also simplified module code a bit and extended tests (https://github.com/ansible-collections/community.aws/pull/355) - ec2_vpc_peer - add support for waiting on state changes (https://github.com/ansible-collections/community.aws/pull/501). - ec2_vpc_peering_info - add ``vpc_peering_connections`` return value to be consistent with boto3 modules (https://github.com/ansible-collections/community.aws/pull/501). - ec2_vpc_peering_info - add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/536). - ec2_vpc_route_table - add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/442). - ec2_vpc_route_table - add boto3 pagination for some searches (https://github.com/ansible-collections/community.aws/pull/442). - ec2_vpc_route_table_info - migrate to boto3 (https://github.com/ansible-collections/community.aws/pull/442). - ec2_vpc_vgw - Add automatic retries for recoverable errors (https://github.com/ansible-collections/community.aws/pull/162). - ec2_vpc_vpn - Add automatic retries for recoverable errors (https://github.com/ansible-collections/community.aws/pull/162). - ecs_service - Add ``platform_version`` parameter to ``ecs_service`` (https://github.com/ansible-collections/community.aws/pull/353). - ecs_task - added ``assign_public_ip`` option for network_configuration (https://github.com/ansible-collections/community.aws/pull/395). - ecs_taskdefinition - Documentation improvement (https://github.com/ansible-collections/community.aws/issues/520) - elasticache - Improve docs a little, add intgration tests (https://github.com/ansible-collections/community.aws/pull/410). - elb_classic_info - If the provided load balancer doesn't exist, return an empty list instead of throwing an error. (https://github.com/ansible-collections/community.aws/pull/215). - elb_target_group - Add elb target group attributes ``stickiness_app_cookie_name`` and ``stickiness_app_cookie_duration_seconds``. Also update docs for stickiness_type to mention application cookie (https://github.com/ansible-collections/community.aws/pull/548) - iam - Make iam module more predictable when returning the ``user_name`` it creates or deletes (https://github.com/ansible-collections/community.aws/pull/369). - iam_saml_federation - module now returns the state of the provider when no changes are made (https://github.com/ansible-collections/community.aws/pull/419). - kinesis_stream - check_mode is now based on the live settings rather than comparisons with a hard coded/fake stream definition (https://github.com/ansible-collections/community.aws/pull/27). - kinesis_stream - now returns changed more accurately (https://github.com/ansible-collections/community.aws/pull/27). - kinesis_stream - now returns tags consistently (https://github.com/ansible-collections/community.aws/pull/27). - kinesis_stream - return values are now the same format when working with both encrypted and un-encrypted streams (https://github.com/ansible-collections/community.aws/pull/27). - lambda_alias - add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/396). - lambda_alias - use common helper functions to create AWS connections (https://github.com/ansible-collections/community.aws/pull/396). - lambda_alias - use common helper functions to perform snake_case to CamelCase conversions (https://github.com/ansible-collections/community.aws/pull/396). - rds_instance - new ``purge_security_groups`` parameter (https://github.com/ansible-collections/community.aws/issues/385). - rds_param_group - Add AWSRetry (https://github.com/ansible-collections/community.aws/pull/532). - rds_param_group - Fix integration tests (https://github.com/ansible-collections/community.aws/pull/532). - rds_param_group - Support check_mode (https://github.com/ansible-collections/community.aws/pull/532). - rds_snapshot - added to the aws module_defaults group (https://github.com/ansible-collections/community.aws/pull/515). - route53 - fixes AWS API error when attempting to create Alias records (https://github.com/ansible-collections/community.aws/issues/434). - s3_lifecycle - Add a ``wait`` parameter to wait for changes to propagate after being set (https://github.com/ansible-collections/community.aws/pull/448). - s3_lifecycle - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/448). - s3_lifecycle - Fix idempotency when using dates instead of days (https://github.com/ansible-collections/community.aws/pull/448). - s3_logging - added support for check_mode (https://github.com/ansible-collections/community.aws/pull/447). - s3_logging - migrated from boto to boto3 (https://github.com/ansible-collections/community.aws/pull/447). - s3_sync - new ``storage_class`` feature allowing to specify the storage class when any object is added to an S3 bucket (https://github.com/ansible-collections/community.aws/issues/358). - sanity tests - add ignore.txt for 2.12 (https://github.com/ansible-collections/community.aws/pull/527). - state_machine_arn - return ``state_machine_arn`` when state is unchanged (https://github.com/ansible-collections/community.aws/pull/302). security_fixes: - aws_direct_connect_virtual_interface - mark the ``authentication_key`` parameter as ``no_log`` to avoid accidental leaking of secrets in logs (https://github.com/ansible-collections/community.aws/pull/475). - aws_secret - flag the ``secret`` parameter as containing sensitive data which shouldn't be logged (https://github.com/ansible-collections/community.aws/pull/471). - sts_assume_role - mark the ``mfa_token`` parameter as ``no_log`` to avoid accidental leaking of secrets in logs (https://github.com/ansible-collections/community.aws/pull/475). - sts_session_token - mark the ``mfa_token`` parameter as ``no_log`` to avoid accidental leaking of secrets in logs (https://github.com/ansible-collections/community.aws/pull/475). fragments: - 162-vgw-retries.yml - 23-kinesis_stream-changed.yml - 230-ec2_launch_template-None-types.yml - 232-fully-support-mixed-instances-policy.yaml - 233-info-about-asg-lifecycle-hooks.yaml - 260-extending-s3_bucket_info-module.yml - 27-kinesis_stream-do-not-mark-as-changed-no-enc-actions.yaml - 278-aws_ssm-profile-support.yml - 302-aws_step_functions_state_machine-ARN-not-change.yml - 305-aws-ssm-parameter-tier-option.yml - 322-ec2_launch_template-add-metadata_options.yml - 346-ec2_vpc_endpoint_service_info.yml - 353-add_platform_to_ecs_service.yml - 355-ec2_vpc_peer_improvements.yml - 359-fix-ec2_vpc_route_table.yml - 369-iam-return-values.yml - 370_add_attributes_glue_module.yaml - 371-ec2_launch_template-profile-arn.yml - 389-sqs-queue-UnboundLocalError.yml - 395_add_assign_public_ip.yaml - 396-lambda_alias.yml - 398-ec2-vpc-nacl-add-ipv6.yaml - 406-elb_classic_info-return-empty-list.yml - 406-route53-state-get.yml - 410-elasticache-fixes.yml - 414-rds_instance-tags-on-creation-from-snapshot.yml - 419-iam_saml_federation-results.yml - 421-ec2_vpc_egress_igw-retry.yml - 422-aws_region_info-retry.yml - 427-ec2_vpc_nat_gateway-stability.yml - 442-ec2_vpc_route_table-stability.yml - 445-ec2_vpc_nat_gateway-cleanup.yml - 446-ec2_vpc_nat_gateway_info_stability.yml - 447-s3_logging-boto3.yml - 448-s3_lifecycle-stability.yml - 454-sns_topic_fix_sms_endpoint_canonicalization.yaml - 460-add-support-for-vpc-endpoint-type.yml - 470-ec2_metric_alarm-unit-optional.yml - 471-no_log.yml - 472-ec2_vpc_nat_gateway_info-stability.yml - 473-ec2_vpc_endpoint_stabilization.yml - 475-no_log-missing.yml - 476-ec2_instance_fix_key_error_when_instance_has_no_tags.yaml - 493-ec2_asg_tg_updates.yaml - 497-s3_sync-add-storage_class.yaml - 500-rds_instance-purge-sg-option.yml - 501-vpc_peering_connections.yml - 502-route53-aliases.yml - 503-aws_glue_connection-types-check-mode.yml - 505-ec2_instance-terminate_protection.yml - 506-cloudtrail_fix_always_reporting_changed_with_kms_alias.yaml - 510-fix-route53-private-zone-vpc.yaml - 515-rds_snapshot-aws-group.yml - 521-ec2_instance_info-retries.yml - 525-route53-idempotency-regressions.yml - 528-route_53-return-values.yml - 532-ec2_instance-wait-status.yml - 532-rds_param_group-fix.yml - 534-ecs_taskdefinition-depends_on-feature.yaml - 535-aws-ssm-session-token-missing.yml - 536-ec2_vpc_peering_info-retry.yml - 537-ec2_vpc_endpoint_info-retries.yml - 542-ensure-ssm-plugin-terminates-connections.yml - 548-elb-target-group-app-stickiness.yaml - 553-aws_config_aggregator-fix-organization-source.yml - ignore_212.yml modules: - description: retrieves AWS VPC endpoint service details name: ec2_vpc_endpoint_service_info namespace: '' - description: wafv2_ip_set name: wafv2_ip_set namespace: '' - description: Get information about wafv2 ip sets name: wafv2_ip_set_info namespace: '' - description: wafv2_web_acl name: wafv2_resources namespace: '' - description: wafv2_resources_info name: wafv2_resources_info namespace: '' - description: wafv2_web_acl name: wafv2_rule_group namespace: '' - description: wafv2_web_acl_info name: wafv2_rule_group_info namespace: '' - description: wafv2_web_acl name: wafv2_web_acl namespace: '' - description: wafv2_web_acl name: wafv2_web_acl_info namespace: '' release_date: '2021-04-27' 2.0.0: changes: breaking_changes: - ec2_instance - The module has been migrated to the ``amazon.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_instance``. - ec2_instance_info - The module has been migrated to the ``amazon.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_instance_info``. - ec2_vpc_endpoint - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_endpoint``. - ec2_vpc_endpoint_facts - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_endpoint_info``. - ec2_vpc_endpoint_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_endpoint_info``. - ec2_vpc_endpoint_service_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_endpoint_service_info``. - ec2_vpc_igw - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_igw``. - ec2_vpc_igw_facts - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_igw_info``. - ec2_vpc_igw_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_igw_info``. - ec2_vpc_nat_gateway - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_nat_gateway``. - ec2_vpc_nat_gateway_facts - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_nat_gateway_info``. - ec2_vpc_nat_gateway_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_nat_gateway_info``. - kms_info - key details are now returned in the ``kms_keys`` attribute rather than the ``keys`` attribute (https://github.com/ansible-collections/community.aws/pull/648). bugfixes: - aws_secret - fix deletion idempotency when not using instant deletion (https://github.com/ansible-collections/community.aws/pull/681). - aws_ssm - rename ``retries`` to ``reconnection_retries`` to avoid conflict with task retries - ec2_vpc_peer - automatically retry when attempting to tag freshly created peering connections (https://github.com/ansible-collections/community.aws/pull/614). - ec2_vpc_route_table - automatically retry when attempting to modify freshly created route tables (https://github.com/ansible-collections/community.aws/pull/616). - ecs_taskdefinition - ensure cast to integer (https://github.com/ansible-collections/community.aws/pull/574). - ecs_taskdefinition - fix idempotency (https://github.com/ansible-collections/community.aws/pull/574). - ecs_taskdefinition - fix typo in ecs task defination for env file validations (https://github.com/ansible-collections/community.aws/pull/600). - iam_role - Modified iam_role internal code to replace update_role_description with update_role (https://github.com/ansible-collections/community.aws/pull/697). - route53 - fix typo in waiter configuration that prevented management of the delays (https://github.com/ansible-collections/community.aws/pull/564). - s3_sync - fix handling individual file path to upload a individual file to s3 bucket (https://github.com/ansible-collections/community.aws/pull/692). - sqs_queue - fix queue attribute comparison to make module idempotent (https://github.com/ansible-collections/community.aws/pull/592). deprecated_features: - ec2_elb - the ``ec2_elb`` module has been removed and redirected to the ``elb_instance`` module which functions identically. The original ``ec2_elb`` name is now deprecated and will be removed in release 3.0.0 (https://github.com/ansible-collections/community.aws/pull/586). - ec2_elb_info - the boto based ``ec2_elb_info`` module has been deprecated in favour of the boto3 based ``elb_classic_lb_info`` module. The ``ec2_elb_info`` module will be removed in release 3.0.0 (https://github.com/ansible-collections/community.aws/pull/586). - elb_classic_lb - the ``elb_classic_lb`` module has been removed and redirected to the ``amazon.aws.ec2_elb_lb`` module which functions identically. - iam - the boto based ``iam`` module has been deprecated in favour of the boto3 based ``iam_user``, ``iam_group`` and ``iam_role`` modules. The ``iam`` module will be removed in release 3.0.0 (https://github.com/ansible-collections/community.aws/pull/664). - rds - the boto based ``rds`` module has been deprecated in favour of the boto3 based ``rds_instance`` module. The ``rds`` module will be removed in release 3.0.0 (https://github.com/ansible-collections/community.aws/pull/663). - script_inventory_ec2 - The ec2.py inventory script is being moved to a new repository. The script can now be downloaded from https://github.com/ansible-community/contrib-scripts/blob/main/inventory/ec2.py and will be removed from this collection in the 3.0 release. We recommend migrating from the script to the ``amazon.aws.ec2`` inventory plugin. major_changes: - community.aws collection - The community.aws collection has dropped support for ``botocore<1.18.0`` and ``boto3<1.15.0`` (https://github.com/ansible-collections/community.aws/pull/711). Most modules will continue to work with older versions of the AWS SDK, however compatibility with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/amazon.aws/pull/442). minor_changes: - aws_eks_cluster - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - aws_kms_info - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - aws_s3_bucket_info - added test for botocore>=1.18.11 when attempting to fetch bucket ownership controls (https://github.com/ansible-collections/community.aws/pull/682) - aws_ses_rule_set - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - aws_sgw_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - cloudformation_exports_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - cloudformation_stack_set - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - cloudfront_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - cloudwatchevent_rule - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - dynamodb_table - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - dynamodb_ttl - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_ami_copy - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_asg - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_asg_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - ec2_launch_template - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_lc_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - ec2_transit_gateway - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_transit_gateway_info - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_vpc_peer - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ec2_vpc_peer - use shared code for tagging peering connections (https://github.com/ansible-collections/community.aws/pull/614). - ec2_vpc_route_table - use shared code for tagging route tables (https://github.com/ansible-collections/community.aws/pull/616). - ec2_vpc_vgw - fix arguments-renamed pylint issue (https://github.com/ansible-collections/community.aws/pull/686). - ec2_vpc_vpn - fix arguments-renamed pylint issue (https://github.com/ansible-collections/community.aws/pull/686). - ecs_ecr - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ecs_service - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ecs_task - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - ecs_task - remove unused import (https://github.com/ansible-collections/community.aws/pull/686). - ecs_taskdefinition - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - efs - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - efs_info - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - elasticache_subnet_group - add return values (https://github.com/ansible-collections/community.aws/pull/723). - elasticache_subnet_group - add support for check_mode (https://github.com/ansible-collections/community.aws/pull/723). - elasticache_subnet_group - module migrated to boto3 AWS SDK (https://github.com/ansible-collections/community.aws/pull/723). - elb_application_lb - added ``ip_address_type`` parameter to support changing application load balancer configuration (https://github.com/ansible-collections/community.aws/pull/499). - elb_application_lb_info - added ``ip_address_type`` in output when gathering application load balancer parameters (https://github.com/ansible-collections/community.aws/pull/499). - elb_instance - make elb_instance idempotent when deregistering instances. Merged from ec2_elb U(https://github.com/ansible/ansible/pull/31660). - elb_network_lb - added ``ip_address_type`` parameter to support changing network load balancer configuration (https://github.com/ansible-collections/community.aws/pull/499). - elb_target_group - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - elb_target_group - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - iam - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - iam_group - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - iam_mfa_device_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - iam_role - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - iam_role - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - iam_server_certificate_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - iam_user - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - kms_info - added a new ``keys_attr`` parameter to continue returning the key details in the ``keys`` attribute as well as the ``kms_keys`` attribute (https://github.com/ansible-collections/community.aws/pull/648). - lambda - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - rds_instance - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - rds_instance - convert ``preferred_maintenance_window`` days into lowercase so changed returns properly (https://github.com/ansible-collections/community.aws/pull/516). - rds_instance - use a generator rather than list comprehension (https://github.com/ansible-collections/community.aws/pull/688). - route53 - add rate-limiting retries while waiting for changes to propagate (https://github.com/ansible-collections/community.aws/pull/564). - route53 - add retries on ``PriorRequestNotComplete`` errors (https://github.com/ansible-collections/community.aws/pull/564). - route53 - update retry ``max_delay`` setting so that it can be set above 60 seconds (https://github.com/ansible-collections/community.aws/pull/564). - sns_topic - Added ``topic_type`` parameter to select type of SNS topic (either FIFO or Standard) (https://github.com/ansible-collections/community.aws/pull/599). - sqs_queue - Tests for compatibility with older versions of the AWS SDKs have been removed (https://github.com/ansible-collections/community.aws/pull/675). - various community.aws modules - remove unused imports (https://github.com/ansible-collections/community.aws/pull/629) - wafv2_resources_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). - wafv2_web_acl_info - ensure module runs in check_mode (https://github.com/ansible-collections/community.aws/issues/659). fragments: - 499-elb-module-add-ip_address_type_option.yml - 516-rds_instance-preferred_maintenance_window.yml - 564-route53-retries.yml - 574-ecs_taskdefinition-improvement.yml - 586-elb-renames.yml - 592-sqs_queue-idempotent.yml - 600-ecs-task-defination-env-file-validations.yml - 614-ec2_vpc_peer-tagging.yml - 616-ec2_vpc_route_table-tagging.yml - 629-imports-cleanup.yml - 648-kms_info.yml - 659-checkmode.yml - 663-deprecate-rds.yml - 664-deprecate-iam.yml - 675-boto3-minimums.yml - 675-boto3-minimums.yml - 681-aws_secret-deletion-idempotency.yml - 682-aws_s3_bucket_info-botocore.yml - 686-pylint.yml - 688-pylint.yml - 692-s3_sync-individual-file-path.yml - 697-iam_role-replace-UpdateRoleDescription-with-UpdateRole.yml - 723-elasticache_subnet_group-boto3.yml - deprecate_ec2_inv_script.yml - migrate_ec2_instance.yml - migrate_ec2_vpc_endpoint.yml - migrate_ec2_vpc_igw.yml - migrate_ec2_vpc_nat_gateway.yml - rename-connection-retries.yml - sns_topic_type.yml modules: - description: Manage Amazon MSK clusters. name: aws_msk_cluster namespace: '' - description: Manage Amazon MSK cluster configurations. name: aws_msk_config namespace: '' - description: create and remove tags on Amazon EFS resources name: efs_tag namespace: '' release_date: '2021-09-14' 2.1.0: changes: bugfixes: - AWS action group - added missing ``aws_direct_connect_confirm_connection`` and ``efs_tag`` entries (https://github.com/ansible-collections/amazon.aws/issues/557). - cloudfront_info - Switch to native boto3 paginators to fix reported bug when over 100 distributions exist (https://github.com/ansible-collections/community.aws/issues/769). - ec2_eip - fix bug when allocating an EIP but not associating it to a VPC (https://github.com/ansible-collections/community.aws/pull/731). - elb_classic_lb_info - fix empty list returned when names not defined (https://github.com/ansible-collections/community.aws/pull/693). - elb_instance - Python 3 compatibility fix (https://github.com/ansible-collections/community.aws/issues/384). - iam_role_info - switch to jittered backoff to reduce rate limiting failures (https://github.com/ansible-collections/community.aws/pull/748). - rds_instance - Fixed issue with enabling enhanced monitoring on a pre-existing RDS instance (https://github.com/ansible-collections/community.aws/pull/747). - route53 - add missing set identifier in resource_record_set (https://github.com/ansible-collections/community.aws/pull/595). - route53 - fix diff mode when deleting records (https://github.com/ansible-collections/community.aws/pull/802). - route53 - return empty result for nonexistent records (https://github.com/ansible-collections/community.aws/pull/799). - sns_topic - define suboptions for delivery_policy option (https://github.com/ansible-collections/community.aws/issues/713). deprecated_features: - dynamodb_table - DynamoDB does not support specifying non-key-attributes when creating an ``ALL`` index. Passing ``includes`` for such indexes is currently ignored but will result in failures after version 3.0.0 (https://github.com/ansible-collections/community.aws/pull/726). - dynamodb_table - DynamoDB does not support updating the primary indexes on a table. Attempts to make such changes are currently ignored but will result in failures after version 3.0.0 (https://github.com/ansible-collections/community.aws/pull/726). - elb_instance - setting of the ``ec2_elb`` fact has been deprecated and will be removed in release 4.0.0 of the collection. See the module documentation for an alternative example using the register keyword (https://github.com/ansible-collections/community.aws/pull/773). - iam_cert - the iam_cert module has been renamed to iam_server_certificate for consistency with the companion iam_server_certificate_info module. The usage of the module has not changed. The iam_cert alias will be removed in version 4.0.0 (https://github.com/ansible-collections/community.aws/pull/728). - iam_server_certificate - Passing file names to the ``cert``, ``chain_cert`` and ``key`` parameters has been deprecated. We recommend using a lookup plugin to read the files instead, see the documentation for an example (https://github.com/ansible-collections/community.aws/pull/735). - iam_server_certificate - the default value for the ``dup_ok`` parameter is currently ``false``, in version 4.0.0 this will be updated to ``true``. To preserve the current behaviour explicitly set the ``dup_ok`` parameter to ``false`` (https://github.com/ansible-collections/community.aws/pull/737). - rds_snapshot - the rds_snapshot module has been renamed to rds_instance_snapshot. The usage of the module has not changed. The rds_snapshot alias will be removed in version 4.0.0 (https://github.com/ansible-collections/community.aws/pull/783). minor_changes: - aws_config_delivery_channel - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_direct_connect_confirm_connection - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_direct_connect_connection - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_direct_connect_link_aggregation_group - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_direct_connect_virtual_interface - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_inspector_target - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_kms - add support for ``kms_spec`` and ``kms_usage`` parameter (https://github.com/ansible-collections/community.aws/pull/774). - aws_kms - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - aws_kms_info - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - cloudformation_stack_set - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - cloudfront_distribution - add ``TLSv1.2_2021`` security policy for viewer connections (https://github.com/ansible-collections/community.aws/pull/707). - dms_endpoint - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - dms_replication_subnet_group - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - dynamodb_table - add support for setting the ``billing_mode`` option (https://github.com/ansible-collections/community.aws/pull/753). - dynamodb_table - the module has been updated to use the boto3 AWS SDK (https://github.com/ansible-collections/community.aws/pull/726). - ec2_asg - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - ec2_eip - added support for tagging EIPs (https://github.com/ansible-collections/community.aws/pull/332). - ec2_eip_info - added automatic retries for common temporary API failures (https://github.com/ansible-collections/community.aws/pull/332). - ec2_eip_info - added support for tagging EIPs (https://github.com/ansible-collections/community.aws/pull/332). - ec2_elb_info - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - ec2_win_password - module updated to use the boto3 AWS SDK (https://github.com/ansible-collections/community.aws/pull/759). - ecs_service - added support for forcing deletion of a service (https://github.com/ansible-collections/community.aws/pull/228). - ecs_service_info - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - ecs_taskdefinition - add ``placement_constraints`` option (https://github.com/ansible-collections/community.aws/pull/741). - efs - add ``transition_to_ia`` parameter to support specifying the number of days before transitioning data to inactive storage (https://github.com/ansible-collections/community.aws/pull/522). - elb_instance - added new ``updated_elbs`` return value (https://github.com/ansible-collections/community.aws/pull/773). - elb_instance - the module has been migrated to the boto3 AWS SDK (https://github.com/ansible-collections/community.aws/pull/773). - elb_target_group - add ``preserve_client_ip_enabled`` option (https://github.com/ansible-collections/community.aws/pull/670). - elb_target_group - add ``proxy_protocol_v2_enabled`` option (https://github.com/ansible-collections/community.aws/pull/670). - iam_managed_policy - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - iam_role - Added ``wait`` option for IAM role creation / updates (https://github.com/ansible-collections/community.aws/pull/767). - iam_saml_federation - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - iam_server_certificate - add support for check_mode (https://github.com/ansible-collections/community.aws/pull/737). - iam_server_certificate - migrate module to using the boto3 SDK (https://github.com/ansible-collections/community.aws/pull/737). - lambda_info - add automatic retries for recoverable errors (https://github.com/ansible-collections/community.aws/pull/777). - lambda_info - add support for tags (https://github.com/ansible-collections/community.aws/pull/375). - lambda_info - use paginator for list queries (https://github.com/ansible-collections/community.aws/pull/777). - rds - replaced use of deprecated backoff decorator (https://github.com/ansible-collections/community.aws/pull/764). - redshift_subnet_group - added support for check_mode (https://github.com/ansible-collections/community.aws/pull/724). - redshift_subnet_group - the ``group_description`` option has been renamed to ``description`` and is now optional. The old parameter name will continue to work (https://github.com/ansible-collections/community.aws/pull/724). - redshift_subnet_group - the ``group_subnets`` option has been renamed to ``subnets`` and is now only required when creating a new group. The old parameter name will continue to work (https://github.com/ansible-collections/community.aws/pull/724). - redshift_subnet_group - the module has been migrated to the boto3 AWS SDK (https://github.com/ansible-collections/community.aws/pull/724). - route53_health_check - add support for tagging health checks (https://github.com/ansible-collections/community.aws/pull/765). - route53_health_check - added support for check_mode (https://github.com/ansible-collections/community.aws/pull/734). - route53_health_check - added support for disabling health checks (https://github.com/ansible-collections/community.aws/pull/756). - route53_health_check - migrated to boto3 SDK (https://github.com/ansible-collections/community.aws/pull/734). - route53_zone - add support for tagging Route 53 zones (https://github.com/ansible-collections/community.aws/pull/565). - sqs_queue - Providing a kms_master_key_id will now enable SSE properly (https://github.com/ansible-collections/community.aws/pull/762) fragments: - 0-copy_ignore_txt.yml - 228-ecs_service-force_delete.yml - 332-ec2_eip-tagging.yml - 375-lambda_info-tags.yml - 384-elb_instance-python3-fixups.yml - 522-efs-IA-transition.yml - 557-action_group-missing-entry.yml - 565-route53-tagging.yml - 595-fix-route53-identifer.yaml - 670-elb_target_group-new_attriibutes.yml - 693-elb_classic_lb_info-without-names.yml - 707-add-cloudfront-new-security-policy-2021.yaml - 724-redshift_subnet_group-boto3.yml - 726-dynamodb_table-boto3.yml - 728-iam_cert.yml - 731-ec2_eip-not_in_vpc.yml - 734-route53_health_check.yml - 735-iam_server_certificate-file-names.yml - 737-iam_server_certificate-boto3.yml - 739-sns_topic-delivery_policy-shape.yml - 741-ecs_taskdefinition-placement.yml - 747-rds-enhanced-monitoring-bug-fix.yml - 748-iam_role_info-jittered-backoff.yaml - 753-dynamodb-billing_mode.yml - 756-route53_health_check-disable.yml - 759-ec2_win_password.yml - 762-fix-kmsmasterkeyid-attr.yaml - 764-awsretry-backoff.yml - 765-route53_health_check-tags.yml - 767-iam_role-add-waiter-support.yml - 773-elb_instance-boto3.yml - 774-add-aws_kms_parameters.yml - 777-lambda_info-awsretry.yml - 780-fix-cloudfront_info-pagination.yml - 783-rds_snapshot.yml - 798-fix-route53-empty-result.yaml - 802-fix-diif-mode.yml modules: - description: Manage AWS IAM User access keys name: iam_access_key namespace: '' - description: fetch information about AWS IAM User access keys name: iam_access_key_info namespace: '' - description: rds_option_group module name: rds_option_group namespace: '' - description: rds_option_group_info module name: rds_option_group_info namespace: '' release_date: '2021-11-12' 2.2.0: changes: bugfixes: - aws_eks - Fix EKS cluster creation with short names (https://github.com/ansible-collections/community.aws/pull/818). minor_changes: - aws_msk_config - remove duplicated and unspecific requirements (https://github.com/ansible-collections/community.aws/pull/863). - aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (https://github.com/ansible-collections/community.aws/pull/763) - ecs_taskdefinition - remove duplicated and unspecific requirements (https://github.com/ansible-collections/community.aws/pull/863). - iam_user - add boto3 waiter for iam user creation (https://github.com/ansible-collections/community.aws/pull/822). - iam_user - add password management support bringing parity with ``iam`` module (https://github.com/ansible-collections/community.aws/pull/822). - s3_lifecycle - Add ``abort_incomplete_multipart_upload_days`` and ``expire_object_delete_marker`` parameters (https://github.com/ansible-collections/community.aws/pull/794). release_summary: This is a backport release of the ``community.aws`` collection. fragments: - 2.2.0.yml - 763-aws_ssm_connection-add-sse-parameters.yml - 794-s3_lifecycle_abort_expire.yml - 818-fix-eks-short-name.yml - 822-add-password-support-iam_user.yml - 863-requirements-doc-fix.yml modules: - description: Create, modify and delete ASG scheduled scaling actions. name: ec2_asg_scheduled_action namespace: '' release_date: '2022-01-13' 2.3.0: changes: bugfixes: - cloudfront_distribution - Dont pass ``s3_origin_access_identity_enabled`` to API request (https://github.com/ansible-collections/community.aws/pull/881). - execute_lambda - Wait for Lambda function State = Active before executing (https://github.com/ansible-collections/community.aws/pull/857) - lambda - Wait for Lambda function State = Active & LastUpdateStatus = Successful before updating (https://github.com/ansible-collections/community.aws/pull/857) minor_changes: - elb_instance - ``wait`` parameter is no longer ignored (https://github.com/ansible-collections/community.aws/pull/826) release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 2.3.0.yml - 825-fix-elb-wait.yml - 857-lambda-wait-before.yml - 881-cloudfront-bug.yml release_date: '2022-02-14' 2.4.0: changes: bugfixes: - Add backoff retry logic to elb_application_lb_info (https://github.com/ansible-collections/community.aws/pull/977) - ecs_taskdefinition - include launch_type comparison when comparing task definitions (https://github.com/ansible-collections/community.aws/pull/840) - elb_target_group_info - Add backoff retry logic (https://github.com/ansible-collections/community.aws/pull/1001) - iam_role - Removes unnecessary removal of permission boundary from a role when deleting a role. Unlike inline policies, permission boundaries do not need to be removed from an IAM role before deleting the IAM role. This behavior causes issues when a permission boundary is inherited that prevents removal of the permission boundary. (https://github.com/ansible-collections/community.aws/pull/961) - redshift_info - fix invalid import path for botocore exceptions (https://github.com/ansible-collections/community.aws/issues/968). - wafv2_web_acl - fix exception when a rule contains lists values (https://github.com/ansible-collections/community.aws/pull/962). minor_changes: - Added suport for retries (AWSRetry.jittered_backoff) for cloudfront_distribution (https://github.com/ansible-collections/community.aws/issues/296) release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 1001-add-backoff-logic-elb_target_group_info.yml - 2.4.0.yml - 297-aws-retry-cloudfront-distribution.yml - 840-ecs_taskdefinition-fix-task-definition-comparison.yml - 961-iam-role-should-not-remove-permission-boundary-before-deletion.yml - 962-fix-waf-list-conditions.yml - 970-redshift_info-boto-import.yml - 977-add-backoff-logic-elb-info.yml release_date: '2022-03-30' 2.5.0: changes: bugfixes: - ecs_service - add missing change detect of ``health_check_grace_period_seconds`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix broken compare of ``task_definition`` that results always in a changed task (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix validation for ``placement_constraints``. It's possible to use ``distinctInstance`` placement constraint now (https://github.com/ansible-collections/community.aws/issues/1058) - ecs_taskdefinition - fix broken change detect of ``launch_type`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - execute_lambda - fix check mode and update RETURN documentation (https://github.com/ansible-collections/community.aws/pull/1115). - iam_policy - require one of ``policy_document`` and ``policy_json`` when state is present to prevent MalformedPolicyDocumentException from being thrown (https://github.com/ansible-collections/community.aws/pull/1093). - s3_lifecycle - add support of value *0* for ``transition_days`` (https://github.com/ansible-collections/community.aws/pull/1077). - s3_lifecycle - check that configuration is complete before returning (https://github.com/ansible-collections/community.aws/pull/1085). minor_changes: - iam_policy - update broken examples and add RETURN section to documentation; add extra integration tests for idempotency check mode runs (https://github.com/ansible-collections/community.aws/pull/1093). - iam_role - delete inline policies prior to deleting role (https://github.com/ansible-collections/community.aws/pull/1054). - iam_role - remove global vars and refactor accordingly (https://github.com/ansible-collections/community.aws/pull/1054). release_summary: This is the minor release of the ``community.aws`` collection. fragments: - 0000-ecs_taskdefinition_fix.yml - 1054-iam_role-delete-inline-policies-and-refactor.yml - 1077-s3_lifecycle-transition-days-zero.yml - 1085-s3_lifecycle-check-that-configuration-is-complete-before-returning.yml - 1093-iam_policy-update-docs-and-add-required_if.yml - 1115-execute_lambda-checkmode-fix-update-return-docs.yml - 1300-ecs_service-placementConstraints.yml - 2.5.0.yml release_date: '2022-05-30' 2.6.0: changes: bugfixes: - ecs_service - fix broken change detect of ``health_check_grace_period_seconds`` parameter when not specified (https://github.com/ansible-collections/community.aws/pull/1212). - ecs_service - use default cluster name of ``default`` when not input (https://github.com/ansible-collections/community.aws/pull/1212). - ecs_task - dont require ``cluster`` and use name of ``default`` when not input (https://github.com/ansible-collections/community.aws/pull/1212). - wafv2_ip_set - fix bug where incorrect changed state was returned when only changing the description (https://github.com/ansible-collections/community.aws/pull/1211). minor_changes: - ecs_service - ``deployment_circuit_breaker`` has been added as a supported feature (https://github.com/ansible-collections/community.aws/pull/1215). - ecs_service - add ``service`` alias to address the ecs service name with the same parameter as the ecs_service_info module is doing (https://github.com/ansible-collections/community.aws/pull/1187). - ecs_service_info - add ``name`` alias to address the ecs service name with the same parameter as the ecs_service module is doing (https://github.com/ansible-collections/community.aws/pull/1187). release_summary: 'This is the last planned 2.x release of the ``community.aws`` collection. Consider upgrading to the latest version of ``community.aws`` soon.' fragments: - 0001-ecs-service-aliases.yml - 1211-wafv2_ip_set-description.yml - 1212-ecs_service-fix-broken-change-detect.yml - 1215-ecs-service-deployment-circuit-breaker-support.yml - 2.6.0.yml release_date: '2022-06-22' 2.6.1: changes: release_summary: Bump collection from 2.6.0 to 2.6.1 due to a publishing error with 2.6.0. This release supersedes 2.6.0 entirely, users should skip 2.6.0. fragments: - 261_increase.yml release_date: '2022-06-22' 3.0.0: changes: breaking_changes: - aws_acm_facts - Remove deprecated alias ``aws_acm_facts``. Please use ``aws_acm_info`` instead. - aws_kms_facts - Remove deprecated alias ``aws_kms_facts``. Please use ``aws_kms_info`` instead. - aws_kms_info - Deprecated ``keys_attr`` field is now ignored (https://github.com/ansible-collections/community.aws/pull/838). - aws_region_facts - Remove deprecated alias ``aws_region_facts``. Please use ``aws_region_info`` instead. - aws_s3_bucket_facts - Remove deprecated alias ``aws_s3_bucket_facts``. Please use ``aws_s3_bucket_info`` instead. - aws_sgw_facts - Remove deprecated alias ``aws_sgw_facts``. Please use ``aws_sgw_info`` instead. - aws_waf_facts - Remove deprecated alias ``aws_waf_facts``. Please use ``aws_waf_info`` instead. - cloudfront_facts - Remove deprecated alias ``cloudfront_facts``. Please use ``cloudfront_info`` instead. - cloudwatchlogs_log_group_facts - Remove deprecated alias ``cloudwatchlogs_log_group_facts``. Please use ``cloudwatchlogs_log_group_info`` instead. - dynamodb_table - deprecated updates currently ignored for primary keys and global_all indexes will now result in a failure. (https://github.com/ansible-collections/community.aws/pull/837). - ec2_asg_facts - Remove deprecated alias ``ec2_asg_facts``. Please use ``ec2_asg_info`` instead. - ec2_customer_gateway_facts - Remove deprecated alias ``ec2_customer_gateway_facts``. Please use ``ec2_customer_gateway_info`` instead. - ec2_eip_facts - Remove deprecated alias ``ec2_eip_facts``. Please use ``ec2_eip_info`` instead. - ec2_elb_facts - Remove deprecated alias ``ec2_elb_facts``. Please use ``ec2_elb_info`` instead. - ec2_elb_info - The ``ec2_elb_info`` module has been removed. Please use ``the ``elb_classic_lb_info`` module. - ec2_lc_facts - Remove deprecated alias ``ec2_lc_facts``. Please use ``ec2_lc_info`` instead. - ec2_placement_group_facts - Remove deprecated alias ``ec2_placement_group_facts``. Please use ``ec2_placement_group_info`` instead. - ec2_vpc_nacl_facts - Remove deprecated alias ``ec2_vpc_nacl_facts``. Please use ``ec2_vpc_nacl_info`` instead. - ec2_vpc_peering_facts - Remove deprecated alias ``ec2_vpc_peering_facts``. Please use ``ec2_vpc_peering_info`` instead. - ec2_vpc_route_table_facts - Remove deprecated alias ``ec2_vpc_route_table_facts``. Please use ``ec2_vpc_route_table_info`` instead. - ec2_vpc_vgw_facts - Remove deprecated alias ``ec2_vpc_vgw_facts``. Please use ``ec2_vpc_vgw_info`` instead. - ec2_vpc_vpn_facts - Remove deprecated alias ``ec2_vpc_vpn_facts``. Please use ``ec2_vpc_vpn_info`` instead. - ecs_service_facts - Remove deprecated alias ``ecs_service_facts``. Please use ``ecs_service_info`` instead. - ecs_taskdefinition_facts - Remove deprecated alias ``ecs_taskdefinition_facts``. Please use ``ecs_taskdefinition_info`` instead. - efs_facts - Remove deprecated alias ``efs_facts``. Please use ``efs_info`` instead. - elasticache_facts - Remove deprecated alias ``elasticache_facts``. Please use ``elasticache_info`` instead. - elb_application_lb_facts - Remove deprecated alias ``elb_application_lb_facts``. Please use ``elb_application_lb_info`` instead. - elb_classic_lb_facts - Remove deprecated alias ``elb_classic_lb_facts``. Please use ``elb_classic_lb_info`` instead. - elb_target_facts - Remove deprecated alias ``elb_target_facts``. Please use ``elb_target_info`` instead. - elb_target_group_facts - Remove deprecated alias ``elb_target_group_facts``. Please use ``elb_target_group_info`` instead. - iam - Removed deprecated ``community.aws.iam`` module. Please use ``community.aws.iam_user``, ``community.aws.iam_access_key`` or ``community.aws.iam_group`` (https://github.com/ansible-collections/community.aws/pull/839). - iam_cert_facts - Remove deprecated alias ``iam_cert_facts``. Please use ``iam_cert_info`` instead. - iam_mfa_device_facts - Remove deprecated alias ``iam_mfa_device_facts``. Please use ``iam_mfa_device_info`` instead. - iam_role_facts - Remove deprecated alias ``iam_role_facts``. Please use ``iam_role_info`` instead. - iam_server_certificate_facts - Remove deprecated alias ``iam_server_certificate_facts``. Please use ``iam_server_certificate_info`` instead. - lambda_facts - Remove deprecated module lambda_facts``. Please use ``lambda_info`` instead. - rds - Removed deprecated ``community.aws.rds`` module. Please use ``community.aws.rds_instance`` (https://github.com/ansible-collections/community.aws/pull/839). - rds_instance_facts - Remove deprecated alias ``rds_instance_facts``. Please use ``rds_instance_info`` instead. - rds_snapshot_facts - Remove deprecated alias ``rds_snapshot_facts``. Please use ``rds_snapshot_info`` instead. - redshift_facts - Remove deprecated alias ``redshift_facts``. Please use ``redshift_info`` instead. - route53_facts - Remove deprecated alias ``route53_facts``. Please use ``route53_info`` instead. bugfixes: - aws_eks - Fix EKS cluster creation with short names (https://github.com/ansible-collections/community.aws/pull/818). major_changes: - community.aws collection - The community.aws collection has dropped support for ``botocore<1.19.0`` and ``boto3<1.16.0``. Most modules will continue to work with older versions of the AWS SDK, however compatibility with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/809). minor_changes: - aws_glue_job - Added ``command_python_version`` parameter (https://github.com/ansible-collections/community.aws/pull/480). - aws_glue_job - Added ``glue_version`` parameter (https://github.com/ansible-collections/community.aws/pull/480). - aws_glue_job - Added support for check mode (https://github.com/ansible-collections/community.aws/pull/480). - aws_glue_job - Added support for tags (https://github.com/ansible-collections/community.aws/pull/480). - aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (https://github.com/ansible-collections/community.aws/pull/763) - iam_user - add boto3 waiter for iam user creation (https://github.com/ansible-collections/community.aws/pull/822). - iam_user - add password management support bringing parity with ``iam`` module (https://github.com/ansible-collections/community.aws/pull/822). - route53 - ``ttl`` and ``value`` are not required for deleting records (https://github.com/ansible-collections/community.aws/pull/801). - route53_info - ``max_items`` and ``type`` are no longer ignored fixing a regression (https://github.com/ansible-collections/community.aws/pull/813). fragments: - 14532-remove-deprecations.yml - 3.0.0.yml - 480-aws_glue_job-python-glue-version.yml - 763-aws_ssm_connection-add-sse-parameters.yml - 801-fix-delete-without-ttl.yml - 809-botocore-1-19-0.yml - 813-route53_info-fix-max_items.yml - 818-fix-eks-short-name.yml - 822-add-password-support-iam_user.yml - 837-make-deprecated-dynamodb_table-updates-fail.yml.yml - 838-ignore-deprecated-param-aws_kms_info.yml - remove_deprecated_facts.yml release_date: '2022-01-06' 3.0.1: changes: minor_changes: - aws_msk_config - remove duplicated and unspecific requirements (https://github.com/ansible-collections/community.aws/pull/863). - ecs_taskdefinition - remove duplicated and unspecific requirements (https://github.com/ansible-collections/community.aws/pull/863). - s3_lifecycle - Add ``abort_incomplete_multipart_upload_days`` and ``expire_object_delete_marker`` parameters (https://github.com/ansible-collections/community.aws/pull/794). release_summary: This is a path release of the ``community.aws`` collection. fragments: - 3.0.1.yml - 794-s3_lifecycle_abort_expire.yml - 863-requirements-doc-fix.yml release_date: '2022-01-18' 3.1.0: changes: bugfixes: - Add backoff retry logic to route53_info (https://github.com/ansible-collections/community.aws/pull/865). - Add backoff retry logic to route53_zone (https://github.com/ansible-collections/community.aws/pull/865). - cloudfront_distribution - Dont pass ``s3_origin_access_identity_enabled`` to API request (https://github.com/ansible-collections/community.aws/pull/881). - execute_lambda - Wait for Lambda function State = Active before executing (https://github.com/ansible-collections/community.aws/pull/857) - lambda - Wait for Lambda function State = Active & LastUpdateStatus = Successful before updating (https://github.com/ansible-collections/community.aws/pull/857) - rds_instance - Fix updates of ``iops`` or ``allocated_storage`` for ``io1`` DB instances when only one value is changing (https://github.com/ansible-collections/community.aws/pull/878). minor_changes: - aws_secret - Add ``resource_policy`` parameter (https://github.com/ansible-collections/community.aws/pull/843). - aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (https://github.com/ansible-collections/community.aws/pull/763) - dynamodb_table - the ``table_class`` parameter has been added (https://github.com/ansible-collections/community.aws/pull/880). - ec2_launch_template - Add metadata options parameter ``http_protocol_ipv6`` and ``instance_metadata_tags`` (https://github.com/ansible-collections/community.aws/pull/917). - ec2_lc - add support for throughput parameter (https://github.com/ansible-collections/community.aws/pull/790). - ec2_placement_group - add support for partition strategy and partition count (https://github.com/ansible-collections/community.aws/pull/872). - elb_instance - ``wait`` parameter is no longer ignored (https://github.com/ansible-collections/community.aws/pull/826) - elb_target_group - add support for parameter ``deregistration_connection_termination`` (https://github.com/ansible-collections/community.aws/pull/913). - iam_managed_policy - refactor module adding ``check_mode`` and better AWSRetry backoff logic (https://github.com/ansible-collections/community.aws/pull/893). - iam_user - add parameter ``password_reset_required`` (https://github.com/ansible-collections/community.aws/pull/860). - wafv2_web_acl - Documentation updates wafv2_web_acl and aws_waf_web_acl (https://github.com/ansible-collections/community.aws/pull/721). - wafv2_web_acl - Extended the wafv2_web_acl module to also take the ``custom_response_bodies`` argument (https://github.com/ansible-collections/community.aws/pull/721). release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 3.1.0.yml - 721-wafv2_web_acl.yml - 763-aws_ssm_connection-add-sse-parameters.yml - 790-ec2_lc-add-throughput-param-support.yml - 825-fix-elb-wait.yml - 843-add_aws_secret_resource_policy_support.yml - 857-lambda-wait-before.yml - 860-add-missing-parameter.yml - 865-add-backoff-retry-logic-route53_zone.yml - 872-ec2_placement_group_partition_strategy.yml - 878-fix-iops-updates-rds.yml - 880-add-table-class-param.yml - 881-cloudfront-bug.yml - 893-refactor-iam_managed_policy.yml - 913-tg-dereg-conn-param.yml - 917-add-launch-template-metadata-parameters.yml release_date: '2022-02-14' 3.2.0: changes: bugfixes: - ecs_taskdefinition - include launch_type comparison when comparing task definitions (https://github.com/ansible-collections/community.aws/pull/840) - elb_application_lb - Fix empty security groups list behaves inconsistently on create/update by treating empty security group as VPC's defaault (https://github.com/ansible-collections/community.aws/pull/971). - elb_application_lb_info - Add backoff retry logic (https://github.com/ansible-collections/community.aws/pull/977) - elb_target_group_info - Add backoff retry logic (https://github.com/ansible-collections/community.aws/pull/1001) - iam_role - Removes unnecessary removal of permission boundary from a role when deleting a role. Unlike inline policies, permission boundaries do not need to be removed from an IAM role before deleting the IAM role. This behavior causes issues when a permission boundary is inherited that prevents removal of the permission boundary. (https://github.com/ansible-collections/community.aws/pull/961) - redshift_info - fix invalid import path for botocore exceptions (https://github.com/ansible-collections/community.aws/issues/968). - wafv2_web_acl - fix exception when a rule contains lists values (https://github.com/ansible-collections/community.aws/pull/962). major_changes: - s3_bucket_notifications - refactor module to support SNS / SQS targets as well as the existing support for Lambda functions (https://github.com/ansible-collections/community.aws/issues/140). minor_changes: - aws_acm - Add ``tags`` and ``purge_tags`` parameters to tag certificates in ACM (https://github.com/ansible-collections/community.aws/pull/870). - cloudfront_distribution - Added support for retries (AWSRetry.jittered_backoff) (https://github.com/ansible-collections/community.aws/issues/296) - ec2_asg - Added functionality to detach specific instances and/or decrement desired capacity from ASG without terminating instances (https://github.com/ansible-collections/community.aws/pull/933). - ec2_asg - Restructure integration tests to run in parallel and reduce runtime (https://github.com/ansible-collections/community.aws/pull/1036). - ec2_asg - add support for ``purge_tags`` to ec2_asg (https://github.com/ansible-collections/community.aws/pull/960). - ec2_eip - refactor module by fixing check_mode and more clear return obj. added integration tests (https://github.com/ansible-collections/community.aws/pull/936) - elb_application_lb - Add support for alb specific attributes and check_mode support for modifying them (https://github.com/ansible-collections/community.aws/pull/963). - elb_application_lb - add check_mode support and refactor integration tests (https://github.com/ansible-collections/community.aws/pull/894) - elb_application_lb_info - update documentation and refactor integration tests (https://github.com/ansible-collections/community.aws/pull/894) - elb_target_group - add support for alb target_type and update documentation (https://github.com/ansible-collections/community.aws/pull/966). - elb_target_group - add support for setting load_balancing_algorithm_type (https://github.com/ansible-collections/community.aws/pull/1016). - rds_instance - add ``choices`` for valid engine value (https://github.com/ansible-collections/community.aws/pull/1034). - rds_subnet_group - add ``check_mode`` (https://github.com/ansible-collections/community.aws/pull/562). - rds_subnet_group - add ``tags`` feature (https://github.com/ansible-collections/community.aws/pull/562). release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 1001-add-backoff-logic-elb_target_group_info.yml - 1016-add-algo-param-elb_target_group.yml - 1034-rds_instance-update-valid-engine-type.yml - 1036-ec2_asg-restructure-integration-tests.yml - 297-aws-retry-cloudfront-distribution.yml - 3.2.0.yml - 562-rds_subnet_group-tags-and-check_mode.yaml - 840-ecs_taskdefinition-fix-task-definition-comparison.yml - 870-aws_acm_certificate_tags.yml - 894-add-check_mode-elb_application_lb.yml - 933-ec2_asg-detach-instances-feature.yml - 936-stabilize-ec2-eip.yml - 940-refactor-s3_bucket_notifications.yml - 960-ec2_asg-purge-tags.yml - 961-iam-role-should-not-remove-permission-boundary-before-deletion.yml - 962-fix-waf-list-conditions.yml - 963-elb_application_lb-support-alb-attributes.yml - 966-elb_target_group-support-alb-target.yml - 970-redshift_info-boto-import.yml - 971-elb_application_lb-fix-empty-sg-on-update.yml - 977-add-backoff-logic-elb-info.yml modules: - description: Create, update and delete response headers policies to be used in a Cloudfront distribution name: cloudfront_response_headers_policy namespace: '' - description: Start or cancel an EC2 Auto Scaling Group (ASG) instance refresh in AWS name: ec2_asg_instance_refresh namespace: '' - description: Gather information about ec2 Auto Scaling Group (ASG) Instance Refreshes in AWS name: ec2_asg_instance_refresh_info namespace: '' - description: rds_cluster module name: rds_cluster namespace: '' - description: Obtain information about one or more RDS clusters name: rds_cluster_info namespace: '' - description: sns_topic_info module name: sns_topic_info namespace: '' release_date: '2022-04-06' 3.2.1: changes: bugfixes: - ec2_asg - Change the default value of ``purge_tags`` to ``false``. Restores previous behaviour (https://github.com/ansible-collections/community.aws/pull/1064). minor_changes: - iam_role - delete inline policies prior to deleting role (https://github.com/ansible-collections/community.aws/pull/1054). - iam_role - remove global vars and refactor accordingly (https://github.com/ansible-collections/community.aws/pull/1054). release_summary: 'This is a bugfix release of the ``community.aws`` collection. The new parameter ``purge_tags`` in ``ec2_asg`` module, that was introduced in ``community.aws 3.2.0`` with its default value ``true``, possibly breaks existing playbooks for users if they don''t update their playbooks and specify ``purge_tags: false``. However, this release restores the previous behaviour.' fragments: - 1054-iam_role-delete-inline-policies-and-refactor.yml - 1064-ec2_asg_change_purge_tags.yml - 3.2.1.yml release_date: '2022-04-14' 3.3.0: changes: bugfixes: - dynamodb_table - fix an issue when creating secondary indexes with global_keys_only (https://github.com/ansible-collections/community.aws/issues/967). - ecs_service - add missing change detect of ``health_check_grace_period_seconds`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix broken compare of ``task_definition`` that results always in a changed task (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix validation for ``placement_constraints``. It's possible to use ``distinctInstance`` placement constraint now (https://github.com/ansible-collections/community.aws/issues/1058) - ecs_taskdefinition - fix broken change detect of ``launch_type`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - execute_lambda - add waiter for function_updated (https://github.com/ansible-collections/community.aws/pull/1108). - execute_lambda - fix check mode and update RETURN documentation (https://github.com/ansible-collections/community.aws/pull/1115). - iam_policy - require one of ``policy_document`` and ``policy_json`` when state is present to prevent MalformedPolicyDocumentException from being thrown (https://github.com/ansible-collections/community.aws/pull/1093). - iam_user - don't delete user login profile on check mode (https://github.com/ansible-collections/community.aws/pull/1059). - iam_user_info - gracefully handle when no users are found (https://github.com/ansible-collections/community.aws/pull/1059). - lambda - fix check mode on creation (https://github.com/ansible-collections/community.aws/pull/1108). - rds_instance - fix check_mode and idempotency issues and added integration tests for all tests in suite (https://github.com/ansible-collections/community.aws/pull/1002). - rds_instance_snapshot - don't require ``db_instance_identifier`` on state = present (https://github.com/ansible-collections/community.aws/pull/1078). - s3_lifecycle - add support of value *0* for ``transition_days`` (https://github.com/ansible-collections/community.aws/pull/1077). - s3_lifecycle - check that configuration is complete before returning (https://github.com/ansible-collections/community.aws/pull/1085). minor_changes: - aws_kms - add extra key/value pair to return data (key_policies) to return each policy as a dictionary rather than json string (https://github.com/ansible-collections/community.aws/pull/1052). - aws_kms - fix some bugs in integration tests and add check mode support for key rotation as well as document issues with time taken for requested changes to be reflected on AWS (https://github.com/ansible-collections/community.aws/pull/1052). - ec2_asg - add check mode support (https://github.com/ansible-collections/community.aws/pull/1033). - iam_policy - update broken examples and add RETURN section to documentation; add extra integration tests for idempotency check mode runs (https://github.com/ansible-collections/community.aws/pull/1093). - iam_user - add ``user`` value to return data structure to deprecate old ``iam_user`` (https://github.com/ansible-collections/community.aws/pull/1059). - lambda - add kms_key_arn parameter (https://github.com/ansible-collections/community.aws/pull/1108). - rds_instance - add ``deletion_protection`` parameter (https://github.com/ansible-collections/community.aws/pull/1105). - rds_instance - add support for addition/removal of iam roles to db instance (https://github.com/ansible-collections/community.aws/pull/1002). - rds_instance_snapshot - add ``check_mode`` (https://github.com/ansible-collections/community.aws/pull/789). - rds_instance_snapshot - add copy_db_snapshot functionality (https://github.com/ansible-collections/community.aws/pull/1078). - rds_instance_snapshot - add integration tests (https://github.com/ansible-collections/community.aws/pull/789). - rds_instance_snapshot - update module to use handlers defined in module_utils/rds.py (https://github.com/ansible-collections/community.aws/pull/789). - route53 - add support for GeoLocation param (https://github.com/ansible-collections/amazon.aws/pull/1117). release_summary: This is the minor release of the ``community.aws`` collection. fragments: - 0000-ecs_taskdefinition_fix.yml - 1002-rds_instance-stabilize-and-support-iam-roles.yml - 1033-ec2_asg-check-mode-support.yml - 1052-aws_kms-stabilize-integration-tests.yml - 1059-iam_user-add-new-ret-val-handle-errors.yml - 1077-s3_lifecycle-transition-days-zero.yml - 1078-rds_instance_snapshot-add-copy-snapshot.yml - 1085-s3_lifecycle-check-that-configuration-is-complete-before-returning.yml - 1093-iam_policy-update-docs-and-add-required_if.yml - 1105-rds_instance-add-deletion_protection-parameter.yml - 1108-lambda-checkmode-fix-kms_key_arn-param.yml - 1115-execute_lambda-checkmode-fix-update-return-docs.yml - 1117-route53-add_geo_location_support.yml - 1300-ecs_service-placementConstraints.yml - 3.3.0.yml - 789-rds_instance_snapshot.yml - 967-dynamodb_table.yml modules: - description: Manage AWS API Gateway custom domains name: aws_api_gateway_domain namespace: '' release_date: '2022-05-30' 3.4.0: changes: bugfixes: - aws_codebuild - fix bug where the result may be spuriously flagged as ``changed`` when multiple tags were set on the project (https://github.com/ansible-collections/community.aws/pull/1221). - ecs_service - fix broken change detect of ``health_check_grace_period_seconds`` parameter when not specified (https://github.com/ansible-collections/community.aws/pull/1212). - ecs_service - use default cluster name of ``default`` when not input (https://github.com/ansible-collections/community.aws/pull/1212). - ecs_task - dont require ``cluster`` and use name of ``default`` when not input (https://github.com/ansible-collections/community.aws/pull/1212). - lambda_info - fix bug that forces query=config when getting info for all lambdas. Now, if function name is specified, query will default to all. This may have a performance impact when querying a large number of lambdas. If function name is not specified, query will default to config (https://github.com/ansible-collections/community.aws/pull/1152). - rds_instance - fix bugs associated with restoring db instance from snapshot (https://github.com/ansible-collections/community.aws/pull/1081). - wafv2_ip_set - fix bug where incorrect changed state was returned when only changing the description (https://github.com/ansible-collections/community.aws/pull/1211). - wafv2_web_acl - consistently return web ACL info as described in module documentation (https://github.com/ansible-collections/community.aws/pull/1216). - wafv2_web_acl - fix ``changed`` status when description not specified (https://github.com/ansible-collections/community.aws/pull/1216). deprecated_features: - aws_codebuild - The ``tags`` parameter currently uses a non-standard format and has been deprecated. In release 6.0.0 this parameter will accept a simple key/value pair dictionary instead of the current list of dictionaries. It is recommended to migrate to using the resource_tags parameter which already accepts the simple dictionary format (https://github.com/ansible-collections/community.aws/pull/1221). - route53_info - The CamelCase return values for ``HostedZones``, ``ResourceRecordSets``, and ``HealthChecks`` have been deprecated, in the future release you must use snake_case return values ``hosted_zones``, ``resource_record_sets``, and ``health_checks`` instead respectively. minor_changes: - aws_codebuild - add support for ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1221). - aws_codebuild - add the ``resource_tags`` parameter which takes the dictionary format for tags instead of the list of dictionaries format (https://github.com/ansible-collections/community.aws/pull/1221). - aws_codebuild - add the ``resource_tags`` return value which returns the standard dictionary format for tags instead of the list of dictionaries format (https://github.com/ansible-collections/community.aws/pull/1221). - aws_codebuild - the ``source`` and ``artifacts`` parameters are now optional unless creating a new project (https://github.com/ansible-collections/community.aws/pull/1221). - ecs_service - ``deployment_circuit_breaker`` has been added as a supported feature (https://github.com/ansible-collections/community.aws/pull/1215). - ecs_service - add ``service`` alias to address the ecs service name with the same parameter as the ecs_service_info module is doing (https://github.com/ansible-collections/community.aws/pull/1187). - ecs_service_info - add ``name`` alias to address the ecs service name with the same parameter as the ecs_service module is doing (https://github.com/ansible-collections/community.aws/pull/1187). - ecs_tag - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1184). - efs_tag - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1184). - rds_instance - add snapshot tests to test suite to test restoring db from snapshot (https://github.com/ansible-collections/community.aws/pull/1081). - rds_instance_info - add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/1026). - wafv2_web_acl - relax botocore requirement to bare minimum required (https://github.com/ansible-collections/community.aws/pull/1216). fragments: - 0001-ecs-service-aliases.yml - 1026-aws-retry-rds-instance-info.yml - 1081-rds_instance-snapshot-tests-and-restore-db.yml - 1152-lambda_info-bugfix-all-lambdas.yml - 1184-tagging.yml - 1211-wafv2_ip_set-description.yml - 1212-ecs_service-fix-broken-change-detect.yml - 1215-ecs-service-deployment-circuit-breaker-support.yml - 1216-wafv2_web_acl-return.yml - 1221-aws_codebuild-tagging.yml - 1236-route53_info-add-snake_case-return-values.yml release_date: '2022-06-23' 3.5.0: changes: bugfixes: - aws_api_gateway_domain - added the ``aws_api_gateway_domain`` module to the aws module_defaults group (https://github.com/ansible-collections/community.aws/pull/1283). - aws_config_aggregator - Fix ``KeyError`` when updating existing aggregator (https://github.com/ansible-collections/community.aws/pull/645). - aws_config_aggregator - Fix idempotency when ``account_sources`` parameter is not specified (https://github.com/ansible-collections/community.aws/pull/645). - aws_ssm - pull S3 bucket region for session generated for file transfer during playbooks (https://github.com/ansible-collections/community.aws/issues/1190). - cloudfront_response_headers_policy - added the ``cloudfront_response_headers_policy`` module to the aws module_defaults group (https://github.com/ansible-collections/community.aws/pull/1283). - ec2_vpc_peer - fix idempotency when requester/accepter is reversed (https://github.com/ansible-collections/community.aws/issues/580). - kms_key_info - handle access denied errors more liberally (https://github.com/ansible-collections/community.aws/issues/206). - route53 - fixes bug preventing creating a DNS record with a weight of zero (https://github.com/ansible-collections/community.aws/issues/1378) - route53_info - fix ``max_items`` parameter when used with non-paginated commands (https://github.com/ansible-collections/community.aws/issues/1383). minor_changes: - iam_server_certificate - the deprecation for the ``iam_cert`` alias has been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1257). - iam_server_certificate - the deprecations for ``cert_chain``, ``cert``, ``key`` and ``dup_ok`` have been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1256). - rds_instance_snapshot - the deprecation for the ``rds_snapshot`` alias has been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1257). - s3_sync - improves error handling during ``HEAD`` operation to compare existing files (https://github.com/ansible-collections/community.aws/issues/58). fragments: - 1176-ssm-connection-plugin-region-fix.yml - 1257-deprecations.yml - 1282-meta.yml - 1379-zero_weight_dns_fix.yml - 1384-route53_info-fix-max-items.yml - 206-kms_key_info.yml - 58-s3_sync.yml - 580-vpc_peer-idempotency.yml - 645-aws_config_aggregator-fix-update-and-idempotency.yml release_date: '2022-08-03' 3.6.0: changes: bugfixes: - ec2_placement_group - Handle a potential race creation during the creation of a new Placement Group (https://github.com/ansible-collections/community.aws/pull/1477). - s3_lifecycle - fix bug when deleting rules with an empty prefix (https://github.com/ansible-collections/community.aws/pull/1398). minor_changes: - autoscaling_group_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudfront_distribution - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudfront_origin_access_identity - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudtrail - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - ec2_asg_lifecycle_hook - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - ec2_vpc_nacl - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - redshift - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - s3_bucket_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). release_summary: 'Following the release of community.aws 5.0.0, 3.6.0 is a bugfix release and the final planned release for the 3.x series. ' fragments: - 1398-s3_lifecycle-no-prefix.yml - 1410-linting.yml - RELEASE-3.6.0.yml - ec2_placement_group_race_on_create.yaml release_date: '2022-10-06' 4.0.0: changes: breaking_changes: - Tags beginning with ``aws:`` will not be removed when purging tags, these tags are reserved by Amazon and may not be updated or deleted (https://github.com/ansible-collections/amazon.aws/issues/817). - aws_secret - tags are no longer removed when the ``tags`` parameter is not set. To remove all tags set ``tags={}`` (https://github.com/ansible-collections/community.aws/issues/1146). - community.aws collection - The ``community.aws`` collection has now dropped support for and any requirements upon the original ``boto`` AWS SDK, and now uses the ``boto3``/``botocore`` AWS SDK (https://github.com/ansible-collections/community.aws/pull/898). - community.aws collection - the ``profile`` parameter is now mutually exclusive with the ``aws_access_key``, ``aws_secret_key`` and ``security_token`` parameters (https://github.com/ansible-collections/amazon.aws/pull/834). - ec2_vpc_route_table - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_route_table``. - ec2_vpc_route_table_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_vpc_route_table_info``. - elb_instance - the ``ec2_elbs`` fact has been removed, ``updated_elbs`` has been added the return values and includes the same information (https://github.com/ansible-collections/community.aws/pull/1173). - elb_network_lb - the default value of ``state`` has changed from ``absent`` to ``present`` (https://github.com/ansible-collections/community.aws/pull/1167). - script_inventory_ec2 - The ec2.py inventory script has been moved to a new repository. The script can now be downloaded from https://github.com/ansible-community/contrib-scripts/blob/main/inventory/ec2.py and has been removed from this collection. We recommend migrating from the script to the amazon.aws.ec2 inventory plugin. (https://github.com/ansible-collections/community.aws/pull/898) bugfixes: - aws_ssm connection plugin - fix linting errors in documentation data (https://github.com/ansible-collections/community.aws/pull/965). - aws_ssm_parameter_store - fix exception when description was set without value (https://github.com/ansible-collections/community.aws/pull/1241). - don't require ``db_instance_identifier`` on state = present (https://github.com/ansible-collections/community.aws/pull/1078). - dynamodb_table - fix an issue when creating secondary indexes with global_keys_only (https://github.com/ansible-collections/community.aws/issues/967). - ec2_asg - Change the default value of ``purge_tags`` to ``false``. Restores previous behaviour (https://github.com/ansible-collections/community.aws/pull/1064). - ec2_vpc_vpn - fix exception when no tags are passed in check mode (https://github.com/ansible-collections/community.aws/pull/1242). - ecs_service - add missing change detect of ``health_check_grace_period_seconds`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix broken compare of ``task_definition`` that results always in a changed task (https://github.com/ansible-collections/community.aws/pull/1145). - ecs_service - fix validation for ``placement_constraints``. It's possible to use ``distinctInstance`` placement constraint now (https://github.com/ansible-collections/community.aws/issues/1058) - ecs_taskdefinition - fix broken change detect of ``launch_type`` parameter (https://github.com/ansible-collections/community.aws/pull/1145). - elb_application_lb_info - Up default value AWS backoff retries for paginated calls. (https://github.com/ansible-collections/community.aws/pull/1113). - elb_target_group_info - Up default value AWS backoff retries for paginated calls. (https://github.com/ansible-collections/community.aws/pull/1113). - execute_lamba - add waiter for function_updated (https://github.com/ansible-collections/community.aws/pull/1108). - execute_lambda - fix check mode and update RETURN documentation (https://github.com/ansible-collections/community.aws/pull/1115). - iam_policy - require one of ``policy_document`` and ``policy_json`` when state is present to prevent MalformedPolicyDocumentException from being thrown (https://github.com/ansible-collections/community.aws/pull/1093). - iam_user - don't delete user login profile on check mode (https://github.com/ansible-collections/community.aws/pull/1059). - iam_user_info - gracefully handle when no users are found (https://github.com/ansible-collections/community.aws/pull/1059). - lambda - fix bug where tag keys were mangled in the return values (https://github.com/ansible-collections/community.aws/pull/1202). - lambda - fix bug where the lambda module was modifying tags in check mode (https://github.com/ansible-collections/community.aws/pull/1202). - lambda - fix check mode on creation (https://github.com/ansible-collections/community.aws/pull/1108). - rds_instance - fix check_mode and idempotency issues and added integration tests for all tests in suite (https://github.com/ansible-collections/community.aws/pull/1002). - s3_lifecycle - add support of value *0* for ``transition_days`` (https://github.com/ansible-collections/community.aws/pull/1077). - s3_lifecycle - check that configuration is complete before returning (https://github.com/ansible-collections/community.aws/pull/1085). - wafv2_rule_group - fix bug where description of resource state was missing when rule groups were updated (https://github.com/ansible-collections/community.aws/pull/1210). - wafv2_rule_group - fix bug where updating just the description did not update the changed state (https://github.com/ansible-collections/community.aws/pull/1210). deprecated_features: - aws_acm - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - aws_kms - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - cloudfront_distribution - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - ec2_vpc_vpn - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - rds_param_group - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - route53_health_check - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - route53_zone - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. - sqs_queue - the current default value of ``False`` for ``purge_tags`` has been deprecated and will be updated in release 5.0.0 to ``True``. major_changes: - community.aws collection - The amazon.aws collection has dropped support for ``botocore<1.20.0`` and ``boto3<1.17.0``. Most modules will continue to work with older versions of the AWS SDK, however compatibility with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/956). minor_changes: - aws_acm - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - aws_glue_job - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - aws_kms - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - aws_kms - add extra key/value pair to return data (key_policies) to return each policy as a dictionary rather than json string (https://github.com/ansible-collections/community.aws/pull/1052). - aws_kms - fix some bugs in integration tests and add check mode support for key rotation as well as document issues with time taken for requested changes to be reflected on AWS (https://github.com/ansible-collections/community.aws/pull/1052). - aws_kms - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1183). - aws_msk_cluster - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - aws_secret - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - aws_secret - addition of the ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/issues/1146). - aws_ssm_parameter_store - add parameter_metadata to the returned values (https://github.com/ansible-collections/community.aws/pull/1241). - aws_step_functions_state_machine - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - cloudfront_distribution - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - cloudfront_distribution - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1183). - cloudtrail - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1219). - cloudtrail - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` (https://github.com/ansible-collections/community.aws/pull/1219). - cloudtrail - updated to pass tags as part of the create API call rather than tagging the trail after creation (https://github.com/ansible-collections/community.aws/pull/1219). - cloudwatchlogs_log_group - adds support for returning tags (https://github.com/ansible-collections/community.aws/pull/1233). - cloudwatchlogs_log_group - adds support for updating tags (https://github.com/ansible-collections/community.aws/pull/1233). - cloudwatchlogs_log_group - now consistently returns the values as defined in the return documentation (https://github.com/ansible-collections/community.aws/pull/1233). - cloudwatchlogs_log_group_info - adds support for returning tags (https://github.com/ansible-collections/community.aws/pull/1233). - data_pipeline - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1204). - dms_endpoint - ``endpointtype`` and ``enginename`` no longer required when deleting an endpoint (https://github.com/ansible-collections/community.aws/pull/1234). - dms_endpoint - ``resource_tags`` added as an alias for ``tags`` (https://github.com/ansible-collections/community.aws/pull/1234). - dms_endpoint - added support for ``purge_tags`` (https://github.com/ansible-collections/community.aws/pull/1234). - dms_endpoint - now returns details of the endpoint (https://github.com/ansible-collections/community.aws/pull/1234). - dynamodb_table - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1199). - ec2_ami_copy - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1204). - ec2_asg - add check mode support (https://github.com/ansible-collections/community.aws/pull/1033). - ec2_asg - bugfix to make test setup run once (https://github.com/ansible-collections/community.aws/pull/1061). - ec2_asg_lifecycle_hook - Added check_mode support (https://github.com/ansible-collections/community.aws/pull/1060). - ec2_asg_lifecycle_hook - add integration tests (https://github.com/ansible-collections/community.aws/pull/1048). - ec2_asg_lifecycle_hook - module now returns info about Life Cycle Hook (https://github.com/ansible-collections/community.aws/pull/1048). - ec2_eip - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - ec2_launch_template - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1204). - ec2_snapshot_copy - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1201). - ec2_snapshot_copy - updated to pass tags as part of the copy API call rather than tagging the snapshot after creation (https://github.com/ansible-collections/community.aws/pull/1201). - ec2_transit_gateway - code updated to use common ``ensure_ec2_tags`` helper (https://github.com/ansible-collections/community.aws/pull/1183). - ec2_transit_gateway - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` (https://github.com/ansible-collections/community.aws/pull/1183). - ec2_transit_gateway - wait and retry if API returns an IncorrectState error. - ec2_vpc_nacl - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1189). - ec2_vpc_nacl - add support for ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1189). - ec2_vpc_nacl - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1189). - ec2_vpc_peer - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - ec2_vpc_vgw - add support for ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1232). - ec2_vpc_vgw - the default behaviour for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1232). - ec2_vpc_vgw - updated to set tags as part of VGW creation instead of tagging the VGW after creation (https://github.com/ansible-collections/community.aws/pull/1232). - ec2_vpc_vgw_info - added ``resource_tags`` to the return values (https://github.com/ansible-collections/community.aws/pull/1232). - ec2_vpc_vpn - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - ec2_vpc_vpn - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1183). - ecs_ecr - Will now return repository permission policy if it exists, even if we did not create or modify it. (https://github.com/ansible-collections/community.aws/pull/1171). - ecs_service - Now allows for a ``capacity_provider_strategy`` to be utilized when creating/updating a service (https://github.com/ansible-collections/community.aws/pull/1181). - ecs_task - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1204). - efs - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` (https://github.com/ansible-collections/community.aws/pull/1183). - eks_fargate_profile - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` (https://github.com/ansible-collections/community.aws/pull/1183). - elb_application_lb - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - elb_network_lb - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - elb_target_group - explicitly setting the ``tags`` parameter to the empty dict ``{}`` will now remove all tags unles ``purge_tags`` is explicitly set to ``False`` (https://github.com/ansible-collections/community.aws/pull/1183). - iam_policy - update broken examples and add RETURN section to documentation; add extra integration tests for idempotency check mode runs (https://github.com/ansible-collections/community.aws/pull/1093). - iam_role - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - iam_role - delete inline policies prior to deleting role (https://github.com/ansible-collections/community.aws/pull/1054). - iam_role - remove global vars and refactor accordingly (https://github.com/ansible-collections/community.aws/pull/1054). - iam_user - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - iam_user - add ``user`` value to return data structure to deprecate old ``iam_user`` (https://github.com/ansible-collections/community.aws/pull/1059). - lambda - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1202). - lambda - add kms_key_arn parameter (https://github.com/ansible-collections/community.aws/pull/1108). - lambda - the behavior for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1202). - rds_cluster - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - rds_instance - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - rds_instance - add ``deletion_protection`` parameter (https://github.com/ansible-collections/community.aws/pull/1105). - rds_instance - add support for addition/removal of iam roles to db instance (https://github.com/ansible-collections/community.aws/pull/1002). - rds_instance_snapshot - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1200). - rds_instance_snapshot - add ``check_mode`` (https://github.com/ansible-collections/community.aws/pull/789). - rds_instance_snapshot - add copy_db_snapshot functionality (https://github.com/ansible-collections/community.aws/pull/1078). - rds_instance_snapshot - add integration tests (https://github.com/ansible-collections/community.aws/pull/789). - rds_instance_snapshot - update module to use handlers defined in module_utils/rds.py (https://github.com/ansible-collections/community.aws/pull/789). - rds_option_group - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - rds_param_group - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - rds_param_group - the default value for ``tags`` has been updated, to remove all tags the ``tags`` parameter must be explicitly set to the empty dict ``{}`` and ``purge_tags`` to ``True`` (https://github.com/ansible-collections/community.aws/pull/1183). - rds_subnet_group - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - redshift - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1182). - route53 - add support for GeoLocation param (https://github.com/ansible-collections/amazon.aws/pull/1117). - route53_health_check - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - route53_info - add RETURN section to documentation (https://github.com/ansible-collections/community.aws/pull/1240). - route53_zone - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - sqs_queue - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1185). - wafv2_ip_set - Added support for ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1205). - wafv2_ip_set - Added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1205). - wafv2_ip_set - Added support for updating tags (https://github.com/ansible-collections/community.aws/pull/1205). - wafv2_ip_set_info - Added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1205). - wafv2_rule_group - Added support for ``purge_tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1210). - wafv2_rule_group - Added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1210). - wafv2_rule_group - Added support for updating tags (https://github.com/ansible-collections/community.aws/pull/1210). - wafv2_rule_group_info - Added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1210). - wafv2_web_acl - Added support for ``purge_tags`` (https://github.com/ansible-collections/community.aws/pull/1218). - wafv2_web_acl - Added support for updating tags (https://github.com/ansible-collections/community.aws/pull/1218). - wafv2_web_acl - ``resource_tags`` has been added as an alias for the ``tags`` parameter (https://github.com/ansible-collections/community.aws/pull/1218). - wafv2_web_acl - added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1218). - wafv2_web_acl_info - added support for returning tags (https://github.com/ansible-collections/community.aws/pull/1218). removed_features: - aws_kms_info - the unused and deprecated ``keys_attr`` parameter has been removed (https://github.com/ansible-collections/amazon.aws/pull/1172). - data_pipeline - the ``version`` option has always been ignored and has been removed (https://github.com/ansible-collections/community.aws/pull/1160 - ec2_eip - The ``wait_timeout`` option has been removed. It has always been ignored by the module (https://github.com/ansible-collections/community.aws/pull/1159). - ec2_lc - the ``associate_public_ip_address`` option has been removed. It has always been ignored by the module (https://github.com/ansible-collections/community.aws/pull/1158). - ec2_metric_alarm - support for using the ``<=``, ``<``, ``>`` and ``>=`` operators for comparison has been dropped. Please use ``LessThanOrEqualToThreshold``, ``LessThanThreshold``, ``GreaterThanThreshold`` or ``GreaterThanOrEqualToThreshold`` instead (https://github.com/ansible-collections/amazon.aws/pull/1164). - ecs_ecr - The deprecated alias ``delete_policy`` has been removed. Please use ``purge_policy`` instead (https://github.com/ansible-collections/community.aws/pull/1161). - iam_managed_policy - the unused ``fail_on_delete`` parameter has been removed (https://github.com/ansible-collections/community.aws/pull/1168) - s3_lifecycle - the unused parameter ``requester_pays`` has been removed (https://github.com/ansible-collections/community.aws/pull/1165). - s3_sync - remove unused ``retries`` parameter (https://github.com/ansible-collections/community.aws/pull/1166). fragments: - 0000-ecs_taskdefinition_fix.yml - 1002-rds_instance-stabilize-and-support-iam-roles.yml - 1033-ec2_asg-check-mode-support.yml - 1048-ec2_asg_lifecycle_hook-add-integration-tests.yml - 1052-aws_kms-stabilize-integration-tests.yml - 1054-iam_role-delete-inline-policies-and-refactor.yml - 1059-iam_user-add-new-ret-val-handle-errors.yml - 1060-ec2_asg_lifecycle_hook-add_check_mode_support.yml - 1061-ec2_asg-integration-test-setup-bugfix.yml - 1064-ec2_asg_change_purge_tags.yml - 1077-s3_lifecycle-transition-days-zero.yml - 1078-rds_instance_snapshot-add-copy-snapshot.yml - 1085-s3_lifecycle-check-that-configuration-is-complete-before-returning.yml - 1093-iam_policy-update-docs-and-add-required_if.yml - 1105-rds_instance-add-deletion_protection-parameter.yml - 1108-lambda-checkmode-fix-kms_key_arn-param.yml - 1113-up-pagainated-retries-alb-info.yml - 1115-execute_lambda-checkmode-fix-update-return-docs.yml - 1117-route53-add_geo_location_support.yml - 1146-aws_secret-purge_tags.yml - 1158-ec2_lc-remove-associate_public_ip_address.yml - 1159-ec2_eip-remove-wait_timeout.yml - 1160-data_pipeline-remove-version.yml - 1161-ecs_ecr-remove-delete_policy.yml - 1164-ec2_metric_alarm-deprecation.yml - 1165-s3_lifecycle-requester_pays.yml - 1166-s3_sync-retries.yml - 1167-elb_network_lb-state.yml - 1168-iam_managed_policy-fail_on_delete.yml - 1171-ecs_ecr_pull_repo_policy.yml - 1172-aws_kms_info-keys_attr.yml - 1173-elb_instance-ec2_elbs.yml - 1181-ecs_service_capacity_provider_strategy.yml - 1182-tagging.yml - 1183-tagging.yml - 1185-tagging.yml - 1186-tagging.yml - 1189-ec2_vpc_nacl-tagging.yml - 1199-tagging.yml - 1200-tagging.yml - 1201-tagging-ec2_snapshot_copy.yml - 1202-tagging-lambda.yml - 1204-tagging-resource_tags-only.yml - 1205-tagging-wafv2_ip_set.yml - 1210-tagging-wafv2_rule_group.yml - 1218-tagging-wafv2_web_acl.yml - 1219-cloudtrail-taging.yml - 1232-ec2_vpc_vgw-purge_tags.yml - 1233-cloudwatchlogs_log_group-tagging.yml - 1234-dms_endpoint-tagging.yml - 1240-route53_info-add-return-section-documentation-block.yml - 1241-aws_ssm_parameter_store.yml - 1242-ec2_vpc_vpn-no-tags.yml - 1300-ecs_service-placementConstraints.yml - 151-profile-mutually-exclusive.yml - 789-rds_instance_snapshot.yml - 817-skip_purge_aws.yaml - 898-boto-removal.yaml - 967-dynamodb_table.yml - ec2_transit_gateway_IncorrectState.yaml - release-4--botocore.yml - remove-ec2_vpc_route_table.yml - validate-plugins.yml modules: - description: Create and delete AWS Transit Gateway VPC attachments name: ec2_transit_gateway_vpc_attachment namespace: '' - description: describes AWS Transit Gateway VPC attachments name: ec2_transit_gateway_vpc_attachment_info namespace: '' - description: Manage EKS Fargate Profile name: eks_fargate_profile namespace: '' - description: manage AWS Network Firewall firewalls name: networkfirewall namespace: '' - description: describe AWS Network Firewall firewalls name: networkfirewall_info namespace: '' - description: manage AWS Network Firewall policies name: networkfirewall_policy namespace: '' - description: describe AWS Network Firewall policies name: networkfirewall_policy_info namespace: '' - description: create, delete and modify AWS Network Firewall rule groups name: networkfirewall_rule_group namespace: '' - description: describe AWS Network Firewall rule groups name: networkfirewall_rule_group_info namespace: '' - description: Creates OpenSearch or ElasticSearch domain name: opensearch namespace: '' - description: obtain information about one or more OpenSearch or ElasticSearch domain name: opensearch_info namespace: '' - description: Manage Amazon RDS snapshots of DB clusters name: rds_cluster_snapshot namespace: '' release_date: '2022-06-23' 4.1.0: changes: bugfixes: - aws_api_gateway_domain - added the ``aws_api_gateway_domain`` module to the aws module_defaults group (https://github.com/ansible-collections/community.aws/pull/1283). - aws_config_aggregator - Fix ``KeyError`` when updating existing aggregator (https://github.com/ansible-collections/community.aws/pull/645). - aws_config_aggregator - Fix idempotency when ``account_sources`` parameter is not specified (https://github.com/ansible-collections/community.aws/pull/645). - aws_ssm - pull S3 bucket region for session generated for file transfer during playbooks (https://github.com/ansible-collections/community.aws/issues/1190). - aws_ssm_parameter_store - fixed bug where module wasn't consistently idempotent (https://github.com/ansible-collections/community.aws/pull/1309). - cloudfront_response_headers_policy - added the ``cloudfront_response_headers_policy`` module to the aws module_defaults group (https://github.com/ansible-collections/community.aws/pull/1283). - ec2_vpc_peer - fix idempotency when requester/accepter is reversed (https://github.com/ansible-collections/community.aws/issues/580). - kms_key_info - handle access denied errors more liberally (https://github.com/ansible-collections/community.aws/issues/206). - route53 - fixes bug preventing creating a DNS record with a weight of zero (https://github.com/ansible-collections/community.aws/issues/1378) - route53_info - fix ``max_items`` parameter when used with non-paginated commands (https://github.com/ansible-collections/community.aws/issues/1383). - sns_topic - fix bug which prevented the module being used in GovCloud (https://github.com/ansible-collections/community.aws/issues/836). deprecated_features: - aws_glue_connection - the ``connection_parameters`` return key has been deprecated and will be removed in a release after 2024-06-01, it is being replaced by the ``raw_connection_parameters`` key (https://github.com/ansible-collections/community.aws/pull/518). - community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in a release after 2023-05-31 (https://github.com/ansible-collections/community.aws/pull/1361). - iam_policy - the ``policies`` return value has been renamed ``policy_names`` and will be removed in a release after 2024-08-01, both values are currently returned (https://github.com/ansible-collections/community.aws/pull/1375). - lambda_info - The ``function`` return key returns a dictionary of dictionaries and has been deprecated. In a release after 2025-01-01, this key will be removed in favor of ``functions``, which returns a list of dictionaries (https://github.com/ansible-collections/community.aws/pull/1239). - route53_info - The CamelCase return values for ``DelegationSets``, ``CheckerIpRanges``, and ``HealthCheck`` have been deprecated, in the future release you must use snake_case return values ``delegation_sets``, ``checker_ip_ranges``, and ``health_check`` instead respectively (https://github.com/ansible-collections/community.aws/pull/1322). minor_changes: - aws_glue_connection - added new ``raw_connection_parameters`` return key which doesn't snake case the connection parameters (https://github.com/ansible-collections/community.aws/pull/518). - aws_ssm_parameter_store - added support for check_mode (https://github.com/ansible-collections/community.aws/pull/1309). - cloudwatchevent_rule - Added ``targets.input_transformer.input_paths_map`` and ``targets.input_transformer.input_template`` parameters to support configuring on CloudWatch event rule input transformation (https://github.com/ansible-collections/community.aws/pull/623). - cloudwatchevent_rule - Applied validation of ``targets`` arguments (https://github.com/ansible-collections/community.aws/issues/201). - cloudwatchlogs_log_group - Added check_mode support (https://github.com/ansible-collections/community.aws/pull/1373). - ec2_launch_template - Adds support for specifying the ``source_version`` upon which template updates are based (https://github.com/ansible-collections/community.aws/pull/239). - ec2_scaling_policy - add TargetTrackingScaling as a scaling policy option (https://github.com/ansible-collections/community.aws/pull/771) - ec2_vpc_vgw_info - updated to not throw an error when run in check_mode (https://github.com/ansible-collections/community.aws/issues/137). - ecs_ecr - add ``force_absent`` parameter for removing repositories that contain images (https://github.com/ansible-collections/community.aws/pull/1316). - ecs_service - add ``wait`` parameter and waiter for deleting services (https://github.com/ansible-collections/community.aws/pull/1209). - ecs_service - added ``tags`` and ``tag_propagation`` support to the module (https://github.com/ansible-collections/community.aws/pull/543). - ecs_service - added parameter ``deployment_controller`` so service can be controlled by Code Deploy (https://github.com/ansible-collections/community.aws/pull/340). - ecs_task - add ``wait`` parameter and waiter for running and stopping tasks (https://github.com/ansible-collections/community.aws/pull/1209). - elasticache_info - added ``replication_group`` to the returned information for an elasticache cluster (https://github.com/ansible-collections/community.aws/pull/646). - iam_policy - added support for ``--diff`` mode (https://github.com/ansible-collections/community.aws/issues/560). - iam_policy - attempts to continue when read requests are denied by IAM policy (https://github.com/ansible-collections/community.aws/pull/1375). - iam_server_certificate - the deprecation for the ``iam_cert`` alias has been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1257). - iam_server_certificate - the deprecations for ``cert_chain``, ``cert``, ``key`` and ``dup_ok`` have been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1256). - lambda_info - add return key ``functions`` which returns a list of dictionaries instead of the previously returned ``function``, which returned a dictionary of dictionaries (https://github.com/ansible-collections/community.aws/pull/1239). - lambda_info - now returns basic configuration information of each lambda function, regardless of query (https://github.com/ansible-collections/community.aws/pull/1239). - rds_instance_snapshot - the deprecation for the ``rds_snapshot`` alias has been extended from release 4.0.0 to release 5.0.0 (https://github.com/ansible-collections/community.aws/pull/1257). - route53_health_check - Added new parameter ``health_check_id`` with alias ``id`` to allow update and delete health check by ID (https://github.com/ansible-collections/community.aws/pull/1143). - route53_health_check - Added new parameter ``use_unique_names`` used with new parameter ``health_check_name`` with alias ``name`` to set health check name as unique identifier (https://github.com/ansible-collections/community.aws/pull/1143). - s3_sync - improves error handling during ``HEAD`` operation to compare existing files (https://github.com/ansible-collections/community.aws/issues/58). - secretsmanager_secret - add support for storing JSON in secrets (https://github.com/ansible-collections/community.aws/issues/656). - sns_topic - Added ``attributes`` parameter to ``subscriptions`` items with support for RawMessageDelievery (SQS) fragments: - 1143-route53_health_check-update-delete-by-id-and-name.yml - 1176-ssm-connection-plugin-region-fix.yml - 1195-sns_topic.yml - 1209-ecs_service-add-waiters.yml - 1239-lambda_info-return_list.yml - 1257-deprecations.yml - 1282-meta.yml - 1308-ssm_parameter-check_mode.yml - 1315-ecs_ecr-force_absent.yaml - 1322-route53_info-add-snake_case-return-values.yml - 137-ec2_vpc_vgw_info.yml - 1373-cloudwatchlogs_log_group-add-check_mode-support.yml - 1379-zero_weight_dns_fix.yml - 1384-route53_info-fix-max-items.yml - 206-kms_key_info.yml - 239-launch_template-source-version.yml - 340-deployment-controller.yml - 518-aws_glue_connection-do-not-lowercase-connection-parameters.yml - 543-ecs_propagate_tags_support.yml - 544-add-targettracking-scaling-policy.yml - 560-iam_policy-diff.yml - 58-s3_sync.yml - 580-vpc_peer-idempotency.yml - 623-cloudwatchevents_rule-support_input_transformer.yml - 640-sns_topic-sub_attr.yml - 645-aws_config_aggregator-fix-update-and-idempotency.yml - 646-elasticache_info-replication_group.yml - 656-secrets-json.yml - python.yml modules: - description: Completes the lifecycle action of an instance name: autoscaling_complete_lifecycle_action namespace: '' - description: Manage an AWS Glue crawler name: aws_glue_crawler namespace: '' - description: Manage static IP addresses in AWS Lightsail name: lightsail_static_ip namespace: '' release_date: '2022-08-03' 4.1.1: changes: bugfixes: - ecs_service - fixes KeyError for ``deployment_controller`` parameter (https://github.com/ansible-collections/community.aws/pull/1393). fragments: - 1393-ecs_service.yml release_date: '2022-08-04' 4.2.0: changes: bugfixes: - s3_lifecycle - fix bug when deleting rules with an empty prefix (https://github.com/ansible-collections/community.aws/pull/1398). fragments: - 1398-s3_lifecycle-no-prefix.yml release_date: '2022-09-14' 4.3.0: changes: bugfixes: - ec2_placement_group - Handle a potential race creation during the creation of a new Placement Group (https://github.com/ansible-collections/community.aws/pull/1477). - rds_cluster - fixes bug where specifiying an rds cluster parameter group raises a ``KeyError`` (https://github.com/ansible-collections/community.aws/pull/1417). minor_changes: - autoscaling_group_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudfront_distribution - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudfront_origin_access_identity - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudtrail - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - ec2_vpc_nacl - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - eks_fargate_profile - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - redshift - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - s3_bucket_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). release_summary: 'The community.aws 4.3.0 release includes a number of minor bug fixes and improvements. Following the release of amazon.aws 5.0.0, backports to the 4.x series will be limited to security issues and bugfixes.' fragments: - 1410-linting.yml - 1417-cluster-param-group-keyerror.yml - RELEASE-4.3.0.yml - ec2_placement_group_race_on_create.yaml release_date: '2022-10-06' 4.4.0: changes: bugfixes: - aws_ssm - fixes S3 bucket region detection by ensuring boto client has correct credentials and exists in correct partition (https://github.com/ansible-collections/community.aws/pull/1428). - ecs_ecr - fix a ``RepositoryNotFound`` exception when trying to create repositories in check mode (https://github.com/ansible-collections/community.aws/pull/1550). - opensearch - Fix cluster creation when using advanced security options (https://github.com/ansible-collections/community.aws/pull/1613). minor_changes: - elasticache_parameter_group - add ``redis6.x`` group family on the module input choices (https://github.com/ansible-collections/community.aws/pull/1476). release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 1428-aws-ssm-missing-credentials.yml - 1476-add-redis6x-cache-parameter-group-family.yml - 1550-ecs_ecr-RepositoryNotFound.yml - 1565-healthCheck-docs.yml - 1579-ec2_vpc_vgw-deleted.yml - 1613-opensearch.yml - 20221026-pytest-forked.yml - 4.4.0.yml release_date: '2022-12-08' 4.5.0: changes: bugfixes: - aws_ssm - fix ``invalid literal for int`` error on some operating systems (https://github.com/ansible-collections/community.aws/issues/113). - ecs_service - respect ``placement_constraints`` for existing ecs services (https://github.com/ansible-collections/community.aws/pull/1601). - s3_lifecycle - Module no longer calls ``put_lifecycle_configuration`` if there is no change. (https://github.com/ansible-collections/community.aws/issues/1624) - ssm_parameter - Fix a ``KeyError`` when adding a description to an existing parameter (https://github.com/ansible-collections/community.aws/issues/1471). minor_changes: - ecs_service - support load balancer update for existing ecs services(https://github.com/ansible-collections/community.aws/pull/1625). - iam_role - Drop deprecation warning, because the standard value for purge parametes is ``true`` (https://github.com/ansible-collections/community.aws/pull/1636). release_summary: This is the minor release of the ``community.aws`` collection. fragments: - 1601-ecs_service-support_constraints_and_strategy_update.yml - 1624-s3-lifecycle-idempotent.yml - 1625-ecs_service-support-load-balancer-update.yml - 1627-ssm_parameter-KeyError-when-adding-description.yml - 20230112-aws_ssm-tests.yml - 4.5.0.yml - 558-ssm_connection-invalid-literal.yml - iam_role_purge_policy.yml release_date: '2023-01-25' 4.5.1: changes: bugfixes: - sns_topic - avoid fetching attributes from subscribers when not setting them, this can cause permissions issues (https://github.com/ansible-collections/community.aws/pull/1418). release_summary: 'This release contains a minor bugfix for the ``sns_topic`` module as well as corrections to the documentation for various modules. This is the last planned release of the 4.x series. ' fragments: - 1576-defaults.yml - 1757-config_rule-evaluation-mode.yml - iam_access_key_docs_fix.yml - release-notes.yml - sns_topic-cross-account.yml release_date: '2023-05-05' 5.0.0: changes: breaking_changes: - acm_certificate - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - autoscaling_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.autoscaling_group``. - autoscaling_group_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.autoscaling_group_info``. - cloudfront_distribution - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - cloudtrail - The module has been migrated to the ``amazon.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudtrail``. - cloudwatch_metric_alarm - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudwatch_metric_alarm``. - cloudwatchevent_rule - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudwatchevent_rule``. - cloudwatchlogs_log_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudwatchlogs_log_group``. - cloudwatchlogs_log_group_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudwatchlogs_log_group_info``. - cloudwatchlogs_log_group_metric_filter - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.cloudwatchlogs_log_group_metric_filter``. - community.aws collection - Support for ansible-core < 2.11 has been dropped (https://github.com/ansible-collections/community.aws/pull/1541). - community.aws collection - The community.aws collection has dropped support for ``botocore<1.21.0`` and ``boto3<1.18.0``. Most modules will continue to work with older versions of the AWS SDK, however compatibility with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/1362). - ec2_eip - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_eip``. - ec2_eip_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.ec2_eip_info``. - ec2_vpc_vpn - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - elb_application_lb - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.elb_application_lb``. - elb_application_lb_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.elb_application_lb_info``. - execute_lambda - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.execute_lambda``. - iam_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_policy``. - iam_policy_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_policy_info``. - iam_server_certificate - Passing file names to the ``cert``, ``chain_cert`` and ``key`` parameters has been removed. We recommend using a lookup plugin to read the files instead, see the documentation for an example (https://github.com/ansible-collections/community.aws/pull/1265). - iam_server_certificate - the default value for the ``dup_ok`` parameter has been changed to ``true``. To preserve the original behaviour explicitly set the ``dup_ok`` parameter to ``false`` (https://github.com/ansible-collections/community.aws/pull/1265). - iam_user - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_user``. - iam_user_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_user_info``. - kms_key - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.kms_key``. - kms_key - managing the KMS IAM Policy via ``policy_mode`` and ``policy_grant_types`` was previously deprecated and has been removed in favor of the ``policy`` option (https://github.com/ansible-collections/community.aws/pull/1344). - kms_key - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - kms_key_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.kms_key_info``. - lambda - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda``. - lambda_alias - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda_alias``. - lambda_event - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda_event``. - lambda_execute - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda_execute``. - lambda_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda_info``. - lambda_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.lambda_policy``. - rds_cluster - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_cluster``. - rds_cluster_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_cluster_info``. - rds_cluster_snapshot - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_cluster_snapshot``. - rds_instance - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_instance``. - rds_instance_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_instance_info``. - rds_instance_snapshot - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_instance_snapshot``. - rds_option_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_option_group``. - rds_option_group_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_option_group_info``. - rds_param_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_param_group``. - rds_param_group - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - rds_snapshot_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_snapshot_info``. - rds_subnet_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.rds_subnet_group``. - route53 - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.route53``. - route53_health_check - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.route53_health_check``. - route53_health_check - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - route53_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.route53_info``. - route53_zone - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.route53_zone``. - route53_zone - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). - sqs_queue - the previously deprecated default value of ``purge_tags=False`` has been updated to ``purge_tags=True`` (https://github.com/ansible-collections/community.aws/pull/1343). bugfixes: - ec2_placement_group - Handle a potential race creation during the creation of a new Placement Group (https://github.com/ansible-collections/community.aws/pull/1477). - elb_network_lb - fixes bug where ``ip_address_type`` in return value was not updated (https://github.com/ansible-collections/community.aws/pull/1365). - rds_cluster - fixes bug where specifiying an rds cluster parameter group raises a ``KeyError`` (https://github.com/ansible-collections/community.aws/pull/1417). - s3_sync - fix etag generation when running in FIPS mode (https://github.com/ansible-collections/community.aws/issues/757). deprecated_features: - community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in a release after 2023-05-31 (https://github.com/ansible-collections/community.aws/pull/1361). minor_changes: - acm_certificate - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). - acm_certificate_info - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). - api_gateway_domain - Move to jittered backoff (https://github.com/ansible-collections/community.aws/pull/1386). - autoscaling_group_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - aws_acm - the ``aws_acm`` module has been renamed to ``acm_certificate``, ``aws_acm`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1263). - aws_acm_info - the ``aws_acm_info`` module has been renamed to ``acm_certificate_info``, ``aws_acm_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1263). - aws_api_gateway - the ``aws_api_gateway`` module has been renamed to ``api_gateway``, ``aws_api_gateway`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1288). - aws_api_gateway_domain - the ``aws_api_gateway_domain`` module has been renamed to ``api_gateway_domain``, ``aws_api_gateway_domain`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1288). - aws_application_scaling_policy - the ``aws_application_scaling_policy`` module has been renamed to ``application_autoscaling_policy``, ``aws_application_scaling_policy`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1314). - aws_batch_compute_environment - the ``aws_batch_compute_environment`` module has been renamed to ``batch_compute_environment``, ``aws_batch_compute_environment`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1272). - aws_batch_job_definition - the ``aws_batch_job_definition`` module has been renamed to ``batch_job_definition``, ``aws_batch_job_definition`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1272). - aws_batch_job_queue - the ``aws_batch_job_queue`` module has been renamed to ``batch_job_queue``, ``aws_batch_job_queue`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1272). - aws_codebuild - the ``aws_codebuild`` module has been renamed to ``codebuild_project``, ``aws_codebuild`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1308). - aws_codecommit - the ``aws_codecommit`` module has been renamed to ``codecommit_repository``, ``aws_codecommit`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1308). - aws_codepipeline - the ``aws_codepipeline`` module has been renamed to ``codepipeline``, ``aws_codepipeline`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1308). - aws_config_aggregation_authorization - the ``aws_config_aggregation_authorization`` module has been renamed to ``config_aggregation_authorization``, ``aws_config_aggregation_authorization`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1305). - aws_config_aggregator - the ``aws_config_aggregator`` module has been renamed to ``config_aggregator``, ``aws_config_aggregator`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1305). - aws_config_delivery_channel - the ``aws_config_delivery_channel`` module has been renamed to ``config_delivery_channel``, ``aws_config_delivery_channel`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1305). - aws_config_recorder - the ``aws_config_recorder`` module has been renamed to ``config_recorder``, ``aws_config_recorder`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1305). - aws_config_rule - the ``aws_config_rule`` module has been renamed to ``config_rule``, ``aws_config_rule`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1305). - aws_direct_connect_confirm_connection - the ``aws_direct_connect_confirm_connection`` module has been renamed to ``directconnect_confirm_connection``, ``aws_direct_connect_confirm_connection`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1286). - aws_direct_connect_connection - the ``aws_direct_connect_connection`` module has been renamed to ``directconnect_connection``, ``aws_direct_connect_connection`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1286). - aws_direct_connect_gateway - the ``aws_direct_connect_gateway`` module has been renamed to ``directconnect_gateway``, ``aws_direct_connect_gateway`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1286). - aws_direct_connect_link_aggregation_group - the ``aws_direct_connect_link_aggregation_group`` module has been renamed to ``directconnect_link_aggregation_group``, ``aws_direct_connect_link_aggregation_group`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1286). - aws_direct_connect_virtual_interface - the ``aws_direct_connect_virtual_interface`` module has been renamed to ``directconnect_virtual_interface``, ``aws_direct_connect_virtual_interface`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1286). - aws_eks_cluster - the ``aws_eks_cluster`` module has been renamed to ``eks_cluster``, ``aws_eks_cluster`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1269). - aws_glue_connection - the ``aws_glue_connection`` module has been renamed to ``glue_connection``, ``aws_glue_connection`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1300). - aws_glue_crawler - the ``aws_glue_crawler`` module has been renamed to ``glue_crawler``, ``aws_glue_crawler`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1300). - aws_glue_job - the ``aws_glue_job`` module has been renamed to ``glue_job``, ``aws_glue_job`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1300). - aws_inspector_target - the ``aws_inspector_target`` module has been renamed to ``inspector_target``, ``aws_inspector_target`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1318). - aws_kms - the ``aws_kms`` module has been renamed to ``kms_key``, ``aws_kms`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1284). - aws_kms_info - the ``aws_kms_info`` module has been renamed to ``kms_key_info``, ``aws_kms_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1284). - aws_msk_cluster - the ``aws_msk_cluster`` module has been renamed to ``msk_cluster``, ``aws_msk_cluster`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1311). - aws_msk_config - the ``aws_msk_config`` module has been renamed to ``msk_config``, ``aws_msk_config`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1311). - aws_s3_bucket_info - the ``aws_s3_bucket_info`` module has been renamed to ``s3_bucket_info``, ``aws_s3_bucket_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1271). - aws_s3_cors - the ``aws_s3_cors`` module has been renamed to ``s3_cors``, ``aws_s3_cors`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1271). - aws_secret - the ``aws_secret`` module has been renamed to ``secretsmanager_secret``, ``aws_secret`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1315). - aws_ses_identity - the ``aws_ses_identity`` module has been renamed to ``ses_identity``, ``aws_ses_identity`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1264). - aws_ses_identity_policy - the ``aws_ses_identity_policy`` module has been renamed to ``ses_identity_policy``, ``aws_ses_identity_policy`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1264). - aws_ses_rule_set - the ``aws_ses_rule_set`` module has been renamed to ``ses_rule_set``, ``aws_ses_rule_set`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1264). - aws_sgw_info - the ``aws_sgw_info`` module has been renamed to ``storagegateway_info``, ``aws_sgw_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1301). - aws_ssm_parameter_store - the ``aws_ssm_parameter_store`` module has been renamed to ``ssm_parameter``, ``aws_ssm_parameter_store`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1313). - aws_step_functions_state_machine - the ``aws_step_functions_state_machine`` module has been renamed to ``stepfunctions_state_machine``, ``aws_step_functions_state_machine`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1310). - aws_step_functions_state_machine_execution - the ``aws_step_functions_state_machine_execution`` module has been renamed to ``stepfunctions_state_machine_execution``, ``aws_step_functions_state_machine_execution`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1310). - aws_waf_condition - the ``aws_waf_condition`` module has been renamed to ``waf_condition``, ``aws_waf_condition`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299). - aws_waf_info - the ``aws_waf_info`` module has been renamed to ``waf_info``, ``aws_waf_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299). - aws_waf_rule - the ``aws_waf_rule`` module has been renamed to ``waf_rule``, ``aws_waf_rule`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299). - aws_waf_web_acl - the ``aws_waf_web_acl`` module has been renamed to ``waf_web_acl``, ``aws_waf_web_acl`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299). - cloudfront_distribution - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudfront_info - the ``cloudfront_info`` module has been renamed to ``cloudfront_distribution_info``, ``cloudfront_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1352). - cloudfront_origin_access_identity - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - cloudtrail - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - community.aws modules - the ``ec2_url`` parameter has been renamed to ``endpoint_url`` for consistency, ``ec2_url`` remains as an alias (https://github.com/ansible-collections/amazon.aws/pull/992). - ec2_asg - the ``ec2_asg`` module has been renamed to ``autoscaling_group``, ``ec2_asg`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_asg_info - the ``ec2_asg_info`` module has been renamed to ``autoscaling_group_info``, ``ec2_asg_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_asg_instance_refresh - the ``ec2_asg_instance_refresh`` module has been renamed to ``autoscaling_instance_refresh``, ``ec2_asg_instance_refresh`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_asg_instance_refresh_info - the ``ec2_asg_instance_refresh_info`` module has been renamed to ``autoscaling_instance_refresh_info``, ``ec2_asg_instance_refresh_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_asg_lifecycle_hook - the ``ec2_asg_lifecycle_hook`` module has been renamed to ``autoscaling_lifecycle_hool``, ``ec2_asg_lifecycle_hook`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_asg_scheduled_action - the ``ec2_asg_scheduled_action`` module has been renamed to ``autoscaling_scheduled_action``, ``ec2_asg_scheduled_action`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_lc - the ``ec2_lc`` module has been renamed to ``autoscaling_launch_config``, ``ec2_lc`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_lc_find - the ``ec2_lc_find`` module has been renamed to ``autoscaling_launch_config_find``, ``ec2_lc_find`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_lc_info - the ``ec2_lc_info`` module has been renamed to ``autoscaling_launch_config_info``, ``ec2_lc_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_metric_alarm - the ``ec2_metric_alarm`` module has been renamed to ``cloudwatch_metric_alarm``, ``ec2_metric_alarm`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1304). - ec2_scaling_policy - the ``ec2_scaling_policy`` module has been renamed to ``autoscaling_policy``, ``ec2_scaling_policy`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1294). - ec2_vpc_nacl - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - ec2_vpc_vpn - minor tweak to ``VPNConnectionException`` to pass message through to the superclass (https://github.com/ansible-collections/community.aws/pull/1407). - eks_fargate_profile - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - elb_target_group - instead of completely ignoring ``health_check_path`` and ``successful_response_codes`` if ``health_check_protocol`` is not supplied, now raises an error (https://github.com/ansible-collections/community.aws/issues/29). - redshift - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - s3_bucket_info - minor sanity test fixes (https://github.com/ansible-collections/community.aws/pull/1410). - waf_condition - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). - waf_info - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). - waf_rule - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). - waf_web_acl - Move to jittered backoff (https://github.com/ansible-collections/amazon.aws/pull/946). release_summary: 'In this release many community modules have been promoted to Red Hat supported status. Those modules have been moved from the commuity.aws to amazon.aws collection. The community.aws collection has dropped support for ``botocore<1.21.0`` and ``boto3<1.18.0``. Support for ``ansible-core<2.11`` has also been dropped. This release also brings some new features, bugfixes, breaking changes and deprecated features. ' fragments: - 1263-acm_certificate.yml - 1264-rename_ses.yml - 1265-iam_server_cerificate_deprecations.yml - 1269-rename_eks.yml - 1271-rename-s3.yml - 1272-rename-batch.yml - 1284-rename-kms.yml - 1286-rename-directconnect.yml - 1288-rename-apigateway.yml - 1294-rename_autoscaling.yml - 1299-waf-renames.yml - 1300-rename-glue.yml - 1301-rename-sgw.yml - 1304-rename_cloudwatch.yml - 1305-rename-config.yml - 1308-rename-code.yml - 1310-rename_stepfunctions.yml - 1311-rename-msk.yml - 1313-rename-ssm.yml - 1314-rename-app_autoscale.yml - 1315-rename-aws_secret.yml - 1318-rename-inspector.yml - 1343-purge_tags.yml - 1344-kms_key-policy_grant_types.yml - 1352-rename-cloudfront.yml - 1365-elb_network_lb-ip_address_type.yml - 1407-ec2_vpc_vpn.yml - 1410-linting.yml - 1417-cluster-param-group-keyerror.yml - 1541-old-ansible.yml - 1541-route53-module_utills.yml - 29-elb_target_group-health_check_protocol.yml - 757-s3_sync-FIPS.yml - 946-retries.yml - 992-ec2_url.yml - RELEASE.yml - botocore.yml - cloudtrail_promotion.yaml - ec2_placement_group_race_on_create.yaml - ec2_transit_gateway_vpc_attachment_increase_test_duration.yaml - integration-test-duration.yaml - migrate_autoscaling_group.yml - migrate_cloudwatch_metric_alarm.yml - migrate_cloudwatchevent.yml - migrate_cloudwatchlogs.yml - migrate_ec2_eip.yml - migrate_elb_application_lb.yml - migrate_iam_policy.yml - migrate_iam_user.yml - migrate_kms_key.yml - migrate_lambda.yml - migrate_rds_cluster.yml - migrate_rds_instance.yml - migrate_rds_option_group.yml - migrate_rds_param_group.yml - migrate_rds_snapshot.yml - migrate_rds_subnet_group.yml - migrate_route53.yml - migrate_route53_module_utils.yml - python.yml - test-dedicate_more_time_to_slow_Targets.yaml - tests-acm_certificate.yaml - tests-autoscaling_scheduled_action.yaml modules: - description: Performs validation of IAM policies name: accessanalyzer_validate_policy_info namespace: '' release_date: '2022-10-06' 5.1.0: changes: bugfixes: - aws_ssm - fixes S3 bucket region detection by ensuring boto client has correct credentials and exists in correct partition (https://github.com/ansible-collections/community.aws/pull/1428). - ec2_snapshot_copy - including tags caused the erorr ``Tag specification resource type must have a value``. Fix sets the ResourceType to snapshot to resolve this issue (https://github.com/ansible-collections/community.aws/pull/1419). - ecs_ecr - fix a ``RepositoryNotFound`` exception when trying to create repositories in check mode (https://github.com/ansible-collections/community.aws/pull/1550). - opensearch - Fix cluster creation when using advanced security options (https://github.com/ansible-collections/community.aws/pull/1613). minor_changes: - elasticache_parameter_group - add ``redis6.x`` group family on the module input choices (https://github.com/ansible-collections/community.aws/pull/1476). - elb_target_group - add support for ``protocol_version`` parameter (https://github.com/ansible-collections/community.aws/pull/1496). release_summary: 'This is the minor release of the ``community.aws`` collection. This changelog contains all changes to the modules and plugins in this collection that have been made after the previous release.' fragments: - 1419-fix-ec2_snapshot_copy-with-tags.yml - 1428-aws-ssm-missing-credentials.yml - 1476-add-redis6x-cache-parameter-group-family.yml - 1496-elb_target_group-add-protocol_version-support.yml - 1550-ecs_ecr-RepositoryNotFound.yml - 1565-healthCheck-docs.yml - 1576-defaults.yml - 1579-ec2_vpc_vgw-deleted.yml - 1613-opensearch.yml - 20221026-pytest-forked.yml - 5.1.0.yml release_date: '2022-12-08' 5.2.0: changes: bugfixes: - aws_ssm - fix ``invalid literal for int`` error on some operating systems (https://github.com/ansible-collections/community.aws/issues/113). - aws_ssm - fixes bug with presigned S3 URLs in post-2019 AWS regions (https://github.com/ansible-collections/community.aws/issues/1616). - ecs_service - respect ``placement_constraints`` for existing ECS services (https://github.com/ansible-collections/community.aws/pull/1601). - s3_lifecycle - module no longer calls ``put_lifecycle_configuration`` if there is no change (https://github.com/ansible-collections/community.aws/issues/1624). - ssm_parameter - fix a ``KeyError`` when adding a description to an existing parameter (https://github.com/ansible-collections/community.aws/issues/1471). minor_changes: - aws_ssm - add ``ansible_aws_ssm_s3_addressing_style`` to allow setting the S3 addressing style (https://github.com/ansible-collections/community.aws/pull/1633). - aws_ssm - add support for custom SSM documents (https://github.com/ansible-collections/community.aws/pull/876). - aws_ssm - avoid overloading ``subprocess`` (https://github.com/ansible-collections/community.aws/pull/1660). - aws_ssm - cleanup logging output (https://github.com/ansible-collections/community.aws/pull/1660). - aws_ssm - minor refactoring (https://github.com/ansible-collections/community.aws/pull/1660). - aws_ssm - refactor boto3 client initialization (https://github.com/ansible-collections/community.aws/pull/1663). - aws_ssm - refactor remote command generation (https://github.com/ansible-collections/community.aws/pull/1664). - ecs_cluster - add support for ``capacity_providers`` and ``capacity_provider_strategy`` features (https://github.com/ansible-collections/community.aws/pull/1640). - ecs_cluster - append default value to documentation (https://github.com/ansible-collections/community.aws/pull/1636). - ecs_ecr - add ``encryption_configuration`` option (https://github.com/ansible-collections/community.aws/pull/1623). - ecs_service - support load balancer update for existing ECS services (https://github.com/ansible-collections/community.aws/pull/1625). - iam_role - Drop deprecation warning, because the standard value for purge parameters is ``true`` (https://github.com/ansible-collections/community.aws/pull/1636). - ssm_parameter - fix typo in examples ``paramater`` (https://github.com/ansible-collections/community.aws/issues/1642). release_summary: 'A minor release containing bugfixes for the ``aws_ssm`` connection plugin and the ``ecs_service``, ``s3_lifecycle`` and ``ssm_parameter`` modules. As well as improvements to the ``ecs_cluster``, ``ec2_ecr``, ``ecs_service``, ``iam_role`` and ``ssm_parameter`` plugins. ' fragments: - 1601-ecs_service-support_constraints_and_strategy_update.yml - 1616-aws_ssm-new-regions.yml - 1623-ecs_ecr-add-kms-config.yml - 1624-s3-lifecycle-idempotent.yml - 1625-ecs_service-support-load-balancer-update.yml - 1627-ssm_parameter-KeyError-when-adding-description.yml - 1633-s3-url-address-style.yml - 1642-ssm_parameter.yml - 1660-aws_ssm-logging.yml - 1663-aws_ssm-client.yml - 1664-aws_ssm-transport_command.yml - 1676-changelog.yml - 20230112-aws_ssm-tests.yml - 20230113-encryption.yml - 558-ssm_connection-invalid-literal.yml - 770-ecs-capacity-provider-strategy.yml - 876-aws_ssm_connection_ssm_document.yml - aws_ssm-facts.yml - iam_role_purge_policy.yml - release-5.2.0.yml release_date: '2023-01-24' 5.3.0: changes: bugfixes: - aws_ssm - fix copying empty file with older curl versions (https://github.com/ansible-collections/community.aws/issues/1686). - eks_cluster - adding tags to eks cluster creation (https://github.com/ansible-collections/community.aws/pull/1591). - sns_topic - avoid fetching attributes from subscribers when not setting them, this can cause permissions issues (https://github.com/ansible-collections/community.aws/pull/1418). deprecated_features: - ecs_service - In a release after 2024-06-01, tha default value of ``purge_placement_constraints`` will be change from ``false`` to ``true`` (https://github.com/ansible-collections/community.aws/pull/1716). - ecs_service - In a release after 2024-06-01, tha default value of ``purge_placement_strategy`` will be change from ``false`` to ``true`` (https://github.com/ansible-collections/community.aws/pull/1716). - iam_role - All top level return values other than ``iam_role`` and ``changed`` have been deprecated and will be removed in a release after 2023-12-01 (https://github.com/ansible-collections/community.aws/issues/551). - iam_role - In a release after 2023-12-01 the contents of ``assume_role_policy_document`` will no longer be converted from CamelCase to snake_case. The ``assume_role_policy_document_raw`` return value already returns the policy document in this future format (https://github.com/ansible-collections/community.aws/issues/551). - iam_role_info - In a release after 2023-12-01 the contents of ``assume_role_policy_document`` will no longer be converted from CamelCase to snake_case. The ``assume_role_policy_document_raw`` return value already returns the policy document in this future format (https://github.com/ansible-collections/community.aws/issues/551). minor_changes: - aws_ssm - added support for specifying the endpoint to use when connecting to the S3 API (https://github.com/ansible-collections/community.aws/pull/1619). - aws_ssm - remove unused imports (https://github.com/ansible-collections/community.aws/pull/1707). - aws_ssm - rework environment variable handling to use built in Ansible plugin support (https://github.com/ansible-collections/community.aws/pull/514). - batch_job_definition - make trailing comma tuple explicitly a tuple (https://github.com/ansible-collections/community.aws/pull/1707). - ecs_service - ``task_definition`` is now optional when ``force_new_deployment`` is ``True`` (https://github.com/ansible-collections/community.aws/pull/1680). - ecs_service - new parameter ``purge_placement_constraints`` to have the ability to remove the placement constraints of an ECS Service (https://github.com/ansible-collections/community.aws/pull/1716). - ecs_service - new parameter ``purge_placement_strategy`` to have the ability to remove the placement strategy of an ECS Service (https://github.com/ansible-collections/community.aws/pull/1716). - iam_role - added ``assume_role_policy_document_raw`` to the role return values, this doesn't convert policy document contents from CamelCase to snake_case (https://github.com/ansible-collections/community.aws/issues/551). - iam_role_info - added ``assume_role_policy_document_raw`` to the role return values, this doesn't convert policy document contents from CamelCase to snake_case (https://github.com/ansible-collections/community.aws/issues/551). - inspector_target - minor linting fix (https://github.com/ansible-collections/community.aws/pull/1707). - s3_lifecycle - add parameter ``noncurrent_version_keep_newer`` to set the number of newest noncurrent versions to retain (https://github.com/ansible-collections/community.aws/pull/1606). - secretsmanager_secret - added support for region replication using the ``replica`` parameter (https://github.com/ansible-collections/community.aws/pull/827). - secretsmanager_secret - added the ``overwrite`` parameter to support only setting the secret if it doesn't exist (https://github.com/ansible-collections/community.aws/pull/1628). - sns_topic - add support for ``content_based_deduplication`` parameter (https://github.com/ansible-collections/community.aws/pull/1693). - sns_topic - add support for ``tags`` and ``purge_tags`` (https://github.com/ansible-collections/community.aws/pull/972). - sqs_queue - add support for ``deduplication_scope`` parameter (https://github.com/ansible-collections/community.aws/pull/1603). - sqs_queue - add support for ``fifo_throughput_limit`` parameter (https://github.com/ansible-collections/community.aws/pull/1603). - ssm_parameter - add support for tags in ssm parameters (https://github.com/ansible-collections/community.aws/issues/1573). release_summary: This release brings some minor changes, bugfixes and deprecations. fragments: - 1426-docs_update_ecs_taskdefinition.yml - 1574-ssm-parameter-support-for-tags.yml - 1591-eks-add-tags-cluster.yml - 1606-s3_lifecycle_add_number_of_versions_to_retain.yml - 1619-add-s3-bucket-endpoint-url-var-for-private-network-vpc-interface-endpoints.yml - 1628-secretsmanager_secret-overwrite.yml - 1680-ecs_service-force_redeploy_taskdef_optional.yml - 1690-fix-copying-empty-file.yml - 1693-sns_topic.yml - 1726-ssm_connection-vars_tests.yml - 1728_remove_state.yml - 1734-typo.yml - 20221125-sqs-high-throughput.yml - 20230204-sanity.yml - 514-aws_ssm-env_vars.yml - 551-iam_role-policy_documents.yml - 827-secretsmanager_secret-replication.yml - 972-sns_topic-add_tags.yaml - ecs_service_and_ecs_integration_test.yml - eks.yml - eks_release.yml - iam_access_key_docs_fix.yml - release-summary.yml - sns_topic-cross-account.yml modules: - description: Manage EKS Nodegroup module name: eks_nodegroup namespace: '' release_date: '2023-03-07' 5.4.0: changes: minor_changes: - ecs_service - added new parameter ``enable_execute_command`` (https://github.com/ansible-collections/community.aws/pull/488). - ecs_service - handle SDK errors more cleanly on update failures (https://github.com/ansible-collections/community.aws/pull/488). - sns - Add support for ``message_group_id`` and ``message_deduplication_id`` (https://github.com/ansible-collections/community.aws/pull/1733). release_summary: This minor release brings minor new features to the ``sns`` and ``ecs_service`` modules. fragments: - 1733-sns-publish-to-fifo-topics.yml - 488-ecs_service-support_exec.yml - release-5.4.0.yml release_date: '2023-03-27' 5.5.0: changes: bugfixes: - cloudformation_stack_set - add a waiter to ensure that update operation complete before adding stack instances (https://github.com/ansible-collections/community.aws/issues/1608). - eks_nodegroup - fix handling of ``remote_access`` option (https://github.com/ansible-collections/community.aws/issues/1771). - elasticache_info - ignore the ``CacheClusterNotFound`` exception when collecting tags (https://github.com/ansible-collections/community.aws/pull/1777). - elb_target_group - ensure ``AvailabilityZone`` is kept in target definitions when ``Id`` and ``Port`` are passed (https://github.com/ansible-collections/community.aws/issues/1736). - elb_target_group - get ``ProtocolVersion`` key from ``target_group`` attributes only when exists (https://github.com/ansible-collections/community.aws/pull/1800). - msk_cluster - fix creating a cluster with SASL/SCRAM authentication (https://github.com/ansible-collections/community.aws/issues/1761). - s3_lifecycle - fix invalid value type for transitions list (https://github.com/ansible-collections/community.aws/issues/1774) minor_changes: - ec2_launch_template - Add parameter ``version_description`` (https://github.com/ansible-collections/community.aws/pull/1763). - msk_cluster - add option for SASL/IAM authentication and add support to disable unauthenticated clients (https://github.com/ansible-collections/community.aws/issues/1761). release_summary: 'This release contains a number of bugfixes for various modules, as well as new features for the ``ec2_launch_template`` and ``msk_cluster`` modules. This is the last planned minor release prior to the release of version 6.0.0. ' fragments: - 1736-elb_target_group_property.yml - 1757-config_rule-evaluation-mode.yml - 1761-msk_cluster-fix-authentication.yml - 1763-ec2-launch-template-add-version-description.yml - 1771-remote-access.yml - 1797-s3-acls.yml - 1800-elb_target_group_property.yml - 20230424-cloudformation_stack_set.yml - 20230424-s3_lifecycle.yml - elasticache_info-ignore-CacheClusterNotFound-when-reading-tags.yaml - release-notes.yml release_date: '2023-05-05' 5.5.1: changes: bugfixes: - cloudfront_distribution - no longer crashes when waiting for completion of creation (https://github.com/ansible-collections/community.aws/issues/255). - cloudfront_distribution - now honours the ``enabled`` setting (https://github.com/ansible-collections/community.aws/issues/1823). release_summary: This release brings several bugfixes. fragments: - 1823-cloudfront_distribution_always_created_enabled.yml - 20230627-ci-fixup.yml - 20230701-ci-fixup.yml - 20230704-github_workflows.yml - 255-cloudfront_distribution_create_wait_crash.yml - release_summary.yml - test-reqs.yml - tests-requirements.yml release_date: '2023-07-05' 6.0.0: changes: breaking_changes: - The community.aws collection has dropped support for ``botocore<1.25.0`` and ``boto3<1.22.0``. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/1743). - aws_ssm - the AWS SSM plugin was incorrectly prepending ``sudo`` to most commands. This behaviour was incorrect and has been removed. To execute commands as a specific user, including the ``root`` user, the ``become`` and ``become_user`` directives should be used. See the `Ansible documentation for more information `_ (https://github.com/ansible-collections/community.aws/issues/853). - codebuild_project - ``tags`` parameter now accepts a dict representing the tags, rather than the boto3 format (https://github.com/ansible-collections/community.aws/pull/1643). bugfixes: - opensearch_info - Fix the name of the domain_name key in the example (https://github.com/ansible-collections/community.aws/pull/1811). - ses_identity - fix clearing notification topic (https://github.com/ansible-collections/community.aws/issues/150). deprecated_features: - community.aws collection - due to the AWS SDKs Python support policies (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.8 by this collection is expected to be removed in a release after 2024-12-01 (https://github.com/ansible-collections/community.aws/pull/1743). - community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in release 7.0.0. (https://github.com/ansible-collections/community.aws/pull/1743). minor_changes: - The ``black`` code formatter has been run across the collection to improve code consistency (https://github.com/ansible-collections/community.aws/pull/1784). - aws_config_delivery_channel - add support for encrypted objects in S3 via KMS key (https://github.com/ansible-collections/community.aws/pull/1786). - aws_ssm - Updated the documentation to explicitly mention that the ``ansible_user`` and ``remote_user`` variables are not supported by the plugin (https://github.com/ansible-collections/community.aws/pull/1682). - bulk migration of ``%`` and ``.format()`` to fstrings (https://github.com/ansible-collections/community.aws/pull/1810). - cloudfront_distribution - add ``http3`` support via parameter value ``http2and3`` for parameter ``http_version`` (https://github.com/ansible-collections/community.aws/pull/1753). - cloudfront_distribution - add ``origin_shield`` options (https://github.com/ansible-collections/community.aws/pull/1557). - cloudfront_distribution - documented ``connection_attempts`` and ``connection_timeout`` the module was already capable of using them - community.aws - updated document fragments based on changes in amazon.aws (https://github.com/ansible-collections/community.aws/pull/1738). - community.aws - updated imports based on changes in amazon.aws (https://github.com/ansible-collections/community.aws/pull/1738). - ecs_ecr - use ``compare_policies`` when comparing lifecycle policies instead of naive ``sort_json_policy_dict`` comparisons (https://github.com/ansible-collections/community.aws/pull/1551). - elasticache - Use the ``cache.t3.small`` node type in the example. ``cache.m1.small`` is not deprecated. - minor code fixes and enable integration tests for modules cloudfront_distribution, cloudfront_invalidation and cloudfront_origin_access_identity (https://github.com/ansible-collections/community.aws/pull/1596). - module_utils.botocore - Add Ansible AWS User-Agent identification (https://github.com/ansible-collections/community.aws/pull/1632). - wafv2_rule_group_info - remove unused and deprecated ``state`` parameter (https://github.com/ansible-collections/community.aws/pull/1555). release_summary: 'This release brings some new plugins and features. Several bugfixes, breaking changes and deprecated features are also included. The community.aws collection has dropped support for ``botocore<1.25.0`` and ``boto3<1.22.0``. Support for Python 3.6 has also been dropped. ' fragments: - 1435-connection-attempt-timeout.yml - 1551-ecs_ecr-sort_json_policy.yml - 1555-wafv2_rule_group_info.yml - 1557-cloudfront-add-origin-shield.yml - 1634-networkfirewall_rule_group-tests.yml - 1643-codebuild_project.yml - 1730-ses-identity-fix-clearing-notification-topic.yml - 1738-headers.yml - 1753-cloudfront-add-http3.yml - 1784-black.yml - 1798-aws_ssm-black.yml - 20221103-autoscaling_scheduled_action.yml - 20230307-blueprint.yml - 20230423-update_readme_and_runtime.yml - 20230424-config-delivery-channel.yml - 6.0.0-release.yml - 853-aws_ssm-sudo.yml - ansible-user-agent-identification.yaml - botocore-tests.yml - cloudfront_integration_tests_activate.yaml - elasticache-use-up-to-date-node-type-in-example.yaml - fstring-1.yml - integration_tests_max_duration_increase.yaml - opensearch_info_example_key_name.yaml - python37.yml - release-6-botocore.yml - version_added.yml modules: - description: Manage an AWS VPC Carrier gateway name: ec2_carrier_gateway namespace: '' - description: Gather information about carrier gateways in AWS name: ec2_carrier_gateway_info namespace: '' - description: Creates snapshots of AWS Lightsail instances name: lightsail_snapshot namespace: '' - description: MQ broker management name: mq_broker namespace: '' - description: Update Amazon MQ broker configuration name: mq_broker_config namespace: '' - description: Retrieve MQ Broker details name: mq_broker_info namespace: '' - description: Manage users in existing Amazon MQ broker name: mq_user namespace: '' - description: List users of an Amazon MQ broker name: mq_user_info namespace: '' - description: Get SSM inventory information for EC2 instance name: ssm_inventory_info namespace: '' release_date: '2023-05-10' 6.1.0: changes: bugfixes: - batch_compute_environment - fixed incorrect handling of Gov Cloud ARNs in ``compute_environment_name`` parameter (https://github.com/ansible-collections/community.aws/issues/1846). - cloudfront_distribution - The origins recognises the s3 domains with region part now (https://github.com/ansible-collections/community.aws/issues/1819). - cloudfront_distribution - no longer crashes when waiting for completion of creation (https://github.com/ansible-collections/community.aws/issues/255). - cloudfront_distribution - now honours the ``enabled`` setting (https://github.com/ansible-collections/community.aws/issues/1823). - dynamodb_table - secondary indexes are now created (https://github.com/ansible-collections/community.aws/issues/1825). - ec2_launch_template - fixed incorrect handling of Gov Cloud ARNs in ``compute_environment_name`` parameter (https://github.com/ansible-collections/community.aws/issues/1846). - elasticache_info - remove hard coded use of ``aws`` partition (https://github.com/ansible-collections/community.aws/issues/1846). - iam_role - fixed incorrect rejection of Gov Cloud ARNs in ``boundary`` parameter (https://github.com/ansible-collections/community.aws/issues/1846). - msk_cluster - remove hard coded use of ``aws`` partition (https://github.com/ansible-collections/community.aws/issues/1846). - redshift - fixed hard coded use of ``aws`` partition (https://github.com/ansible-collections/community.aws/issues/1846). minor_changes: - dynamodb_table - added waiter when updating indexes to avoid concurrency issues (https://github.com/ansible-collections/community.aws/pull/1866). - dynamodb_table - increased default timeout based on time to update indexes in CI (https://github.com/ansible-collections/community.aws/pull/1866). - iam_group - refactored ARN validation handling (https://github.com/ansible-collections/community.aws/pull/1848). - iam_role - refactored ARN validation handling (https://github.com/ansible-collections/community.aws/pull/1848). - sns_topic - refactored ARN validation handling (https://github.com/ansible-collections/community.aws/pull/1848). release_summary: This release brings a new inventory plugin, some new features, and several bugfixes. fragments: - 1819-cloudfront-distribution-s3-domain-recognise.yaml - 1823-cloudfront_distribution_always_created_enabled.yml - 1825-dynamodb-table-no-secondary-indexes.yml - 1846-arn.yml - 20230531-mq-fix_fqdn.yml - 20230613-black.yml - 20230627-ci-fixup.yml - 20230701-ci-fixup.yml - 20230702-dynamodb_waiter.yml - 255-cloudfront_distribution_create_wait_crash.yml - 6.0.0.yml - release_summary.yml - test-reqs.yml - tests-requirements.yml plugins: inventory: - description: MQ broker inventory source name: aws_mq namespace: null release_date: '2023-07-07' 6.2.0: changes: bugfixes: - Remove ``apigateway`` and ``apigateway_deployment`` from meta/runtime.yml (https://github.com/ansible-collections/community.aws/pull/1905). minor_changes: - api_gateway - add support for parameters ``name``, ``lookup``, ``tags`` and ``purge_tags`` (https://github.com/ansible-collections/community.aws/pull/1845). - ec2_vpc_vpn - add support for connecting VPNs to a transit gateway (https://github.com/ansible-collections/community.aws/pull/1877). release_summary: This release includes some new features for the ``community.aws.ec2_vpc_vpn`` and ``community.aws.api_gateway`` modules. fragments: - 20230620-api_gateway-add-optional-name.yml - 20230804-update-meta-runtime.yaml - release_summary.yml - transit_gateway_to_vpn.yaml release_date: '2023-08-04' 7.0.0: changes: breaking_changes: - The community.aws collection has dropped support for ``botocore<1.29.0`` and ``boto3<1.26.0``. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/amazon.aws/pull/1763). - aws_region_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.aws_region_info``. - aws_s3_bucket_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.aws_s3_bucket_info``. - community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection wss been deprecated in release 6.0.0 and removed in release 7.0.0. (https://github.com/ansible-collections/amazon.aws/pull/1763). - iam_access_key - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_access_key``. - iam_access_key_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_access_key_info``. - iam_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_group`` (https://github.com/ansible-collections/community.aws/pull/1945). - iam_managed_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_managed_policy`` (https://github.com/ansible-collections/community.aws/pull/1954). - iam_mfa_device_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_mfa_device_info`` (https://github.com/ansible-collections/community.aws/pull/1953). - iam_password_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_password_policy``. - iam_role - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_role`` (https://github.com/ansible-collections/community.aws/pull/1948). - iam_role_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_role_info`` (https://github.com/ansible-collections/community.aws/pull/1948). - s3_bucket_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.s3_bucket_info``. - sts_assume_role - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.sts_assume_role``. bugfixes: - mq_broker - ensure broker is created with ``tags`` when passed (https://github.com/ansible-collections/community.aws/issues/1832). - opensearch - Don't try to read a non existing key from the domain config (https://github.com/ansible-collections/community.aws/pull/1910). minor_changes: - api_gateway - use fstrings where appropriate (https://github.com/ansible-collections/amazon.aws/pull/1962). - api_gateway_info - use fstrings where appropriate (https://github.com/ansible-collections/amazon.aws/pull/1962). - community.aws collection - apply isort code formatting to ensure consistent formatting of code (https://github.com/ansible-collections/community.aws/pull/1962) - ecs_taskdefinition - Add parameter ``runtime_platform`` (https://github.com/ansible-collections/community.aws/issues/1891). - eks_nodegroup - ensure wait also waits for deletion to complete when ``wait==True`` (https://github.com/ansible-collections/community.aws/pull/1994). release_summary: This release includes some new features, bugfixes and breaking changes. Several modules have been migrated to amazon.aws and the Fully Qualified Collection Name for these modules needs to be updated. The community.aws collection has dropped support for ``botocore<1.29.0`` and ``boto3<1.26.0``. Due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/), support for Python less than 3.7 by this collection was deprecated in release 6.0.0 and removed in release 7.0.0. (https://github.com/ansible-collections/amazon.aws/pull/1763). fragments: - 1832-mq_broker_tags.yml - 1891_ecs-task-definition-add-runtime-platform.yml - 1904-route53_wait.yml - 1962-isort.yml - 20230623-black-cloudfront.yml - 20230702-isort.yml - 20230801-fix-linters.yml - 20230906-galaxy.yml - 20230906-route53_wait.yml - 20230908-alias-cleanup.yml - 20230915_migrate_iam_role_and_iam_role_info.yml - 7.0.0-dev0.yml - botocore.yml - botocore_params-cleanup.yml - eks_nodegroup-integration-wait-delete.yml - galaxy_importer.yml - migrate_aws_region_info.yml - migrate_iam_access_key.yml - migrate_iam_group.yml - migrate_iam_managed_policy.yml - migrate_iam_mfa_device_info.yml - migrate_iam_password_policy.yml - migrate_s3_bucket_info.yml - migrate_sts_assume_role.yml - opensearch_domainconfig_no_options.yaml - python37.yml - release_summary.yml - workflow-requirements.yml release_date: '2023-11-06' 7.1.0: changes: bugfixes: - aws_ssm - disable ``enable-bracketed-paste`` to fix issue with amazon linux 2023 and other OSes (https://github.com/ansible-collections/community.aws/issues/1756) minor_changes: - aws_ssm - Updated the documentation to explicitly state that an S3 bucket is required, the behavior of the files in that bucket, and requirements around that. (https://github.com/ansible-collections/community.aws/issues/1775). - cloudfront_distribution - added support for ``cache_policy_id`` and ``origin_request_policy_id`` for behaviors (https://github.com/ansible-collections/community.aws/pull/1589) - mq_broker - add support to wait for broker state via ``wait`` and ``wait_timeout`` parameter values (https://github.com/ansible-collections/community.aws/pull/1879). release_summary: This release includes new features for the ``cloudfront_distribution`` and ``mq_broker`` modules, as well as a bugfix for the ``aws_ssm`` connection plugin needed when connecting to hosts with Bash 5.1.0 and later. fragments: - 1589-cloudfront_distribution-add-policies.yml - 1775-aws_ssm-s3-docs.yaml - 1839-disable-bracketed-paste.yml - 1879-mq_broker-add-wait.yml - release.yml - ssm-fedora34.yml release_date: '2024-01-10' 7.2.0: changes: bugfixes: - ssm(connection) - fix bucket region logic when region is ``us-east-1`` (https://github.com/ansible-collections/community.aws/pull/1908). minor_changes: - glue_job - add support for 2 new instance types which are G.4X and G.8X (https://github.com/ansible-collections/community.aws/pull/2048). - msk_cluster - Support for additional ``m5`` and ``m7g`` types of MSK clusters (https://github.com/ansible-collections/community.aws/pull/1947). release_summary: This release includes a new module ``dynamodb_table_info``, new features for the ``glue_job`` and ``msk_cluster`` modules, and a bugfix for the ``aws_ssm`` connection plugin. fragments: - 1908-fix_find_out_bucket_region_logic.yml - 1947-add_support_msk_addtinal_type.yml - 20240402-lambda-test-runtime.yml - 2048-add-new-instance-types-in-gluejob.yaml modules: - description: Returns information about a Dynamo DB table name: dynamodb_table_info namespace: '' release_date: '2024-04-05' 8.0.0: changes: breaking_changes: - The community.aws collection has dropped support for ``botocore<1.29.0`` and ``boto3<1.26.0``. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/amazon.aws/pull/1763). - aws_region_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.aws_region_info``. - aws_s3_bucket_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.aws_s3_bucket_info``. - community.aws collection - Support for ansible-core < 2.15 has been dropped (https://github.com/ansible-collections/community.aws/pull/2074). - community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection wss been deprecated in release 6.0.0 and removed in release 7.0.0. (https://github.com/ansible-collections/amazon.aws/pull/1763). - iam_access_key - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_access_key``. - iam_access_key_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_access_key_info``. - iam_group - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_group`` (https://github.com/ansible-collections/community.aws/pull/1945). - iam_managed_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_managed_policy`` (https://github.com/ansible-collections/community.aws/pull/1954). - iam_mfa_device_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_mfa_device_info`` (https://github.com/ansible-collections/community.aws/pull/1953). - iam_password_policy - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_password_policy``. - iam_role - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_role`` (https://github.com/ansible-collections/community.aws/pull/1948). - iam_role_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.iam_role_info`` (https://github.com/ansible-collections/community.aws/pull/1948). - s3_bucket_info - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.s3_bucket_info``. - sts_assume_role - The module has been migrated from the ``community.aws`` collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use ``amazon.aws.sts_assume_role``. bugfixes: - mq_broker - ensure broker is created with ``tags`` when passed (https://github.com/ansible-collections/community.aws/issues/1832). - opensearch - Don't try to read a non existing key from the domain config (https://github.com/ansible-collections/community.aws/pull/1910). deprecated_features: - aws_glue_connection - updated the deprecation for removal of the ``connection_parameters`` return key from ``after 2024-06-01`` to release version ``9.0.0``, it is being replaced by the ``raw_connection_parameters`` key (https://github.com/ansible-collections/community.aws/pull/518). - ecs_cluster - updated the deprecation for updated default of ``purge_capacity_providers``, the current default of ``False`` will be changed to ``True`` in release ``9.0.0``. To maintain the current behaviour explicitly set ``purge_capacity_providers=False`` (https://github.com/ansible-collections/community.aws/pull/1640). - ecs_service - updated the deprecation for updated default of ``purge_placement_constraints``, the current default of ``False`` will be changed to ``True`` in release ``9.0.0``. To maintain the current behaviour explicitly set ``purge_placement_constraints=False`` (https://github.com/ansible-collections/community.aws/pull/1716). - ecs_service - updated the deprecation for updated default of ``purge_placement_strategy``, the current default of ``False`` will be changed to ``True`` in release ``9.0.0``. To maintain the current behaviour explicitly set ``purge_placement_strategy=False`` (https://github.com/ansible-collections/community.aws/pull/1716). minor_changes: - api_gateway - use fstrings where appropriate (https://github.com/ansible-collections/amazon.aws/pull/1962). - api_gateway_info - use fstrings where appropriate (https://github.com/ansible-collections/amazon.aws/pull/1962). - community.aws collection - apply isort code formatting to ensure consistent formatting of code (https://github.com/ansible-collections/community.aws/pull/1962) - ecs_taskdefinition - Add parameter ``runtime_platform`` (https://github.com/ansible-collections/community.aws/issues/1891). - eks_nodegroup - ensure wait also waits for deletion to complete when ``wait==True`` (https://github.com/ansible-collections/community.aws/pull/1994). - elb_network_lb - add support for Application-Layer Protocol Negotiation (ALPN) policy ``AlpnPolicy`` for TLS listeners (https://github.com/ansible-collections/community.aws/issues/1566). - elb_network_lb - add the possibly to update ``SslPolicy`` and ``Certificates`` for TLS listeners (). release_summary: This major release brings several new features, bug fixes, and deprecated features. It also includes the removal of several modules that have been migrated to the ``amazon.aws`` collection. We have also removed support for ``ansible-core<2.15``. fragments: - 1832-mq_broker_tags.yml - 1891_ecs-task-definition-add-runtime-platform.yml - 1904-route53_wait.yml - 1962-isort.yml - 20230623-black-cloudfront.yml - 20230702-isort.yml - 20230801-fix-linters.yml - 20230906-galaxy.yml - 20230906-route53_wait.yml - 20230908-alias-cleanup.yml - 20230915_migrate_iam_role_and_iam_role_info.yml - 20231127-elb_network_lb-update-tls-listeners.yaml - 20240408-efs-sanity_fix.yml - 7.0.0-dev0.yml - 8.0.0-increase-ansible-core-version.yml - 8.0.0-release.yml - 9-date-deprecations.yml - boto3_equals.yml - botocore.yml - botocore_params-cleanup.yml - eks_nodegroup-integration-wait-delete.yml - galaxy_importer.yml - migrate_aws_region_info.yml - migrate_iam_access_key.yml - migrate_iam_group.yml - migrate_iam_managed_policy.yml - migrate_iam_mfa_device_info.yml - migrate_iam_password_policy.yml - migrate_s3_bucket_info.yml - migrate_sts_assume_role.yml - opensearch_domainconfig_no_options.yaml - python37.yml - workflow-requirements.yml release_date: '2024-05-20'