When it comes to Amazon Web Services (AWS) infrastructure automation, the latest release of the certified amazon.aws Ansible Content Collection for Red Hat Ansible Automation Platform brings a number of enhancements to improve the overall user experience and speed up the process from development to production.
This blog post goes through changes and highlights what’s new in the 7.0.0 release of this Ansible Content Collection. We have included numerous features, plugins, bug fixes, and code quality improvements that further enhance the amazon.aws collection. Let's go through some of them!
Looking to get started with Ansible for Amazon Web Services?
|
Forward-looking Changes
Much of our work in the 7.0.0 release has been focused on the following areas:
- Enhancing several modules from the upstream community.
- Promoting modules to being formally supported by Red Hat.
- Improving the overall quality of the collection code.
- Releasing various new enhancements and clarifying support policies.
New Modules
This release brings with it a number of new supported modules that have been promoted from community support to Red Hat support. The following table highlights the functionality covered by these new modules supported by Red Hat:
Module |
Description |
aws_region_info |
Gather information about AWS regions. |
s3_bucket_info |
Lists S3 buckets and details about those buckets. |
iam_access_key |
Manage AWS IAM User access keys. |
iam_access_key_info |
Gather information about AWS IAM User access keys. |
iam_group |
Manage AWS IAM groups. |
iam_managed_policy |
Manage User Managed IAM policies. |
iam_mfa_device_info |
List the MFA (Multi-Factor Authentication) devices registered for a user. |
iam_password_policy |
Update an IAM Password Policy. |
iam_role |
Manage AWS IAM roles. |
iam_role_info |
Gather information on IAM roles. |
sts_assume_role |
Assume a role using AWS Security Token Service and obtain temporary credentials. |
In addition to the newly promoted modules, three more new modules have been added to the collection.
Module |
Description |
ec2_import_image |
Manage AWS EC2 import image tasks. |
ec2_import_image_info |
Gather information about importing virtual machine tasks. |
rds_global_cluster_info |
Obtain information about Aurora global database clusters. |
In an upcoming blog post, we will showcase practical use case scenarios leveraging these newly supported modules. Stay tuned for some insightful tips!
New Features Highlights
This release brings several new features. Let’s take a look!
amazon.aws.ec2_instance
The amazon.aws.ec2_instance module now supports setting placement and license_specifications. The placement and license_specifications options in AWS EC2 instances allow you to control where and how your instances are launched (e.g., in a particular availability zone and adhering to a dedicated tenancy), as well as how licensing is handled for software that requires specific licensing agreements. The following Ansible task shows how to achieve it.
- name: Start an EC2 instance with placement and license specifications
amazon.aws.ec2_instance:
name: "{{ instance_name }}"
key_name: "{{ ssh_key }}"
vpc_subnet_id: "{{ vpc_id }}"
instance_type: "{{ instance_type }}"
security_group: "{{ security_group }}"
placement:
availability_zone: us-east-1a
tenancy: dedicated
license_specifications:
- license_configuration_arn: "{{ license_configuration_arn }}"
image_id: "{{ ami_id }}"
amazon.aws.ec2_instance_info
The amazon.aws.ec2_instance_info module enables you to describe specific attributes of an EC2 instance by setting include_attributes option. This can be useful when you want to retrieve detailed information about an EC2 instance for specific attributes without fetching all the instance details. For example, you can extract specific details such as the instance's kernel, userData, ramdisk, and instanceType, as shown below.
- name: Gather information about an EC2 instance using some specific attributes
amazon.aws.ec2_instance_info:
filters:
"tag:Name": "{{ instance_name }}"
include_attributes:
- instanceType
- kernel
- ramdisk
- userData
amazon.aws.ec2_vpc_igw
This release introduces the ability to remove an internet gateway that is not attached to a VPC. To remove an internet gateway, you can provide the ID of the internet gateway or the ID of the attached VPC. It is also possible to supply both IDs and, in this case, if the ID of the attached VPC does not match the user-supplied VPC ID, an error is generated.
- name: Delete internet gateway using internet_gateway_id
amazon.aws.ec2_vpc_igw:
state: absent
internet_gateway_id: "{{ gateway_id }}"
It is now possible to create an Internet gateway even without attaching it to a VPC, as shown below.
- name: Create a detached internet gateway
amazon.aws.ec2_vpc_igw:
state: present
amazon.aws.rds_cluster
You might want to automate the management of an RDS cluster's state (start and stop) and also remove the cluster from a global database, if it is part of one. The amazon.aws.rds_cluster module now enables you to stop an RDS cluster by using state: stopped and then remove from a global db by setting remove_from_global_db: true. The following tasks exemplify how to achieve this.
- name: Stop RDS cluster
amazon.aws.rds_cluster:
cluster_id: '{{ cluster_id }}'
state: stopped
- name: Remove a cluster from global DB
amazon.aws.rds_cluster:
db_cluster_identifier: '{{ cluster_id }}'
global_cluster_identifier: '{{ global_cluster_id }}'
remove_from_global_db: true
amazon.aws.route53_health_check
The amazon.aws.route53_health_check module allows you to create and manage Route 53 health checks in AWS. You might want to create a Route 53 calculated health check that depends on the health status of multiple child health checks. The amazon.aws.route53_health_check module now supports the calculated health check (by setting type: CALCULATED) to represent the overall health of a complex service that relies on multiple components or endpoints. The calculated health check must consider all child health checks (supplied using child_health_checks) and trigger an alert when a certain threshold of child health checks is unhealthy. This is useful for monitoring complex services and systems that rely on multiple components.
- name: Create a Route 53 Child Health Check
amazon.aws.route53_health_check:
name: "{{ health_check_1 }}"
resource_path: '{{ resource_path_1 }}'
resource_ip: "{{ ip_1 }}"
port: '{{ port }}'
type: '{{ type_http }}'
failure_threshold: 3
use_unique_names: true
register: __result_child_health_check1
- name: Create Another Route 53 Child Health Check
amazon.aws.route53_health_check:
name: "{{ health_check_2 }}"
resource_path: '{{ resource_path }}'
resource_ip: "{{ ip_1 }}"
port: '{{ port }}'
type: '{{ type_http }}'
failure_threshold: 3
use_unique_names: true
register: __result_child_health_check2
- name: Create a Route 53 Calculated Health Check
amazon.aws.route53_health_check:
health_check_name: "{{ health_check_name }}"
use_unique_names: true
type: CALCULATED
health_threshold: 2
child_health_checks:
- '{{ __result_child_health_check1.health_check.id }}'
- "{{ __result_child_health_check2.health_check.id }}"
New boto3/botocore Versioning
The amazon.aws Collection has dropped support for botocore<1.29.0 and boto3<1.26.0. Most modules will continue to work with older versions of the AWS Software Development Kit (SDK), however, compatibility with older versions of the AWS SDK is not guaranteed and will not be tested. When using older versions of the AWS SDK, Ansible Automation Platform will display a warning. Check out the module documentation for the minimum required version for each module.
New Python Support Policy
On July 30, 2022, AWS announced that the AWS Command Line Interface (AWS CLI) v1 and AWS SDK for Python (boto3 and botocore), will no longer support Python 3.7. To continue to support Red Hat customers with secure and maintainable tools, we aligned with this situation and deprecated support for Python versions lower than 3.7 in the previous 6.0 release of this collection. However, support for Python versions below 3.7 in this collection has been removed in this release. Also, support for Python versions lower than 3.8 is expected to be removed in a release after 2024-12-01, based on currently available schedules.
Deprecated Features
This collection release also introduces some deprecations. The amazon.aws.ec2_instance module has undergone several deprecations. Specifically, passing tenancy and placement_group has been deprecated in favor of placement. The support will be removed in a release after 2025-12-01.
Changes for Developers
If you are an active contributor to the amazon.aws collection or are willing to become one, the following changes may be of interest to you:
Removed Features
distutils has been deprecated and will be removed from Python's stdlib in Python 3.12 (see https://python.org/dev/peps/pep-0632) later this year. In preparation, we vendored a copy of distutils.version and we dropped this vendored copy to change from distutils.version.LooseVersion to packaging.version.Version.
Code quality improvement
In the previous 6.0 release of this collection, we started an initiative to improve the overall code quality. Because improving code quality is a continuous process that requires ongoing effort and attention, we continued this initiative by adopting isort and flynt.
isort is a Python utility that helps maintain consistency and readability by organizing and sorting import statements in the Python code.
flynt is a Python code refactoring tool that converts old-fashioned Python string formatting expressions to modern f-strings. The f-strings provide a more concise and readable way to embed expressions into strings.
Both isort and flynt are valuable tools for improving code quality and style.
Improving code quality is a continuous process that is ongoing and will be reflected in future releases. Stay tuned!
Where to go next
- Red Hat Summit and AnsibleFest 2023 - if you missed out on this event, check out sessions available online and make sure to register for AnsibleFest 2024!
- Self-paced exercises - We have interactive, in-browser exercises to learn and dive into Ansible Automation Platform.
- Trial subscription - Are you ready to install Ansible Automation Platform? Get your own trial subscription for unlimited access to all the components of Ansible Automation Platform.
关于作者
产品
工具
试用购买与出售
沟通
关于红帽
我们是世界领先的企业开源解决方案供应商,提供包括 Linux、云、容器和 Kubernetes。我们致力于提供经过安全强化的解决方案,从核心数据中心到网络边缘,让企业能够更轻松地跨平台和环境运营。