What’s New: Cloud Automation with amazon.cloud 0.4.0

18 juillet 2023Gomathi Selvi Srinivasan6 minutes (temps de lecture)

The Amazon Web Services (AWS) Cloud Control Collection (amazon.cloud) has been updated with a powerful new suite of modules. We introduced the experimental cloud collection for Ansible back in May of 2022 and it has come a really long way. With the launch of the AWS Cloud Control API, developers have a consistent method to manage supported services that are defined as part of their cloud infrastructure throughout their lifecycle, so there are fewer APIs to learn as developers add new services to their infrastructure. The 0.4.0 version of the amazon.cloud collection not only improves the user experience in automating AWS cloud features with Ansible, but also provides improved code quality and an enhanced CI process.

This blog explains what is new in amazon.cloud 0.4.0 that will help both the developers and the users.

Forward-Looking Changes

Migration of CI from Zuul to GitHub Actions

Continuous Integration testing and the release process have been moved from Zuul to GitHub Actions for this collection. The tests include code linters (which check style formatting), unit tests, integration tests, sanity tests, and other custom checks. Using GitHub Actions has helped us save a lot of time and effort.

By opting for GitHub Actions, we were able to avoid the frequent instability and the maintenance overload of zuul. More details on why we decided to migrate to GitHub Actions can be found here. Details about the workflows used for testing, tagging, and release can be found here.

New Features Highlight

Some of the new features available in this Ansible content collection release are listed below.

Module name	Description
memorydb_acl	Creates and manages an Access Control List (ACL) to specify permissions to a MemoryDB for Redis cluster.
memorydb_cluster	Creates or manages a MemoryDB for the Redis cluster.
memorydb_parameter_group	Creates a new MemoryDB parameter group.
memorydb_subnet_group	Creates a new MemoryDB subnet group.
memorydb_user	Creates a new MemoryDB user.

Creation and configuration of MemoryDB

The explosion of data every ten years and the rapid rate of change driven by DevOps teams needs a fast and flexible database. AWS caters to this need with MemoryDB. This Redis compatible in-memory database service can be managed using the new MemoryDB modules of Ansible.

The following part of this blog takes you through the steps to create and configure the MemoryDB cluster using Ansible’s amazon.cloud modules.

Create a cluster

A cluster is a collection of one or more nodes serving a single dataset. The memorydb_cluster module lets you create, modify and delete a cluster, take snapshots of a cluster, view its elements, and modify the cost allocation tags of a cluster. The following example shows how to create a cluster with an ACL, subnet group, and parameter group that are already present. Creation of these parameters using amazon.cloud collection is shown in later examples.

- name: Create a MemoryDB cluster
  hosts: localhost
  gather_facts: false

  tasks:
  - name: Create MemoryDB cluster
     amazon.cloud.memorydb_cluster:
        cluster_name: "mycluster"
        node_type: "db.r6g.large"
        acl_name: "myacl"
        subnet_group_name: "mysggroup"
        parameter_group_name: "myparametergroup"

List all the available MemoryDB cluster in a given region

When the state is set to list, the output contains a list (elements: dict) of all the available memorydb clusters. When the state is set as describe and cluster_name is set to cluster name, the information of the mentioned cluster is returned as a dict.

- name: Get info about  MemoryDB cluster
  hosts: localhost
  gather_facts: false

  tasks:
  - name: Get info about  MemoryDB cluster
     amazon.cloud.memorydb_cluster:
        cluster_name: "mycluster"
        state: describe

Create and authenticate users using Access Control List

Access to the MemoryDB clusters can be controlled by grouping users and enabling ACL to the group. This ACL can be deployed to one or more clusters as shown above.

- name: Create users who can access the cluster
  hosts: localhost
  gather_facts: false

  tasks: 
  - name: Create users
    amazon.cloud.memorydb_user:
       user_name: "user1"
       authentication_mode:
           type: "password"
           passwords: ["xyz1abcdpqrs2345"]

Additional Info {% icon icon_set="fontawesome-5.14.0" name="Info Circle" style="SOLID" height="18" purpose="decorative" title="Info Circle icon" %}
Remember to follow best practices on credential management including passwords and secrets. For example you can use Ansible vault or automation controller credentials to encrypt sensitive information.

- name: Create acl and assign user
  hosts: localhost
  gather_facts: false
  
  tasks: 
  - name: Create ACL for the user
     amazon.cloud.memorydb_acl:
       acl_name: "myacl"
       user_names: ["user1"]

Create a parameter group for the MemoryDB cluster

The runtime properties of a cluster can be controlled by parameter groups. The following example shows how to configure the parameter group.

- name: Create parameter group
  hosts: localhost
  gather_facts: false
  
  tasks: 
  - name: Create a Parameter Group
     amazon.cloud.memorydb_parameter_group:
        parameter_group_name: "myparametergroup"
        family: "memorydb_redis6"
        description: "parameter group 1"

Create subnet groups for the MemoryDB cluster

The following example shows how to create a collection of subnets that can be assigned to the cluster as shown in the first example. MemoryDB uses that subnet group to choose a subnet and IP addresses within that subnet to associate with your nodes.

- name: Create Subnet  group
  hosts: localhost
  gather_facts: false

  tasks: 
  - name: Create Subnet Group
     amazon.cloud.memorydb_subnet_group:
       subnet_group_name: "mysubnetgroup"
       subnet_ids: ["subnet-xxxx"]
       description: "subnet group 1"

All these services can be listed, described, and deleted by assigning the respective values to the “state” key in the respective modules. For more details on the module parameters and values, please have a look at the module documentation.

Summary

AWS provides a wide range of cloud services, which started with Amazon Simple Storage Service (Amazon S3) and has since grown to include over 200 different services. Each of these services has a unique API that developers need to understand, which can be a challenge as applications get more complex.

However, with the introduction of AWS Cloud Control API, developers now have a simpler way to manage their cloud infrastructure. This new API provides a uniform method for handling services, reducing the number of different APIs developers need to learn as they add new services.

The Ansible Cloud Content Collection leverages the AWS Cloud Control API, offering automation professionals a chance to utilize this new technology. With ongoing enhancements, the Ansible Cloud Collection will keep introducing these fresh features for Ansible automation engineers.

Where to go next

Red Hat Summit and AnsibleFest 2023 - Missed out on this event? Check out these sessions available online.
Missed out on AnsibleFest 2022? Check out the Best of AnsibleFest 2022.
Self-paced exercises - We have interactive, in-browser exercises to learn and dive into Ansible Automation Platform.
Trial subscription - Are you ready to install on premise? Get your own trial subscription for unlimited access to all the components of Ansible Automation Platform.
Follow Ansible Automation Platform on Twitter - Do you have questions or an automation project you want to show off? Tweet at us!