Add check to validate outpostarn regex, add unit test

ansible-collections · Jan 11, 2022 · f44dcdc · f44dcdc
1 parent 991bb22
commit f44dcdc
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 2 deletions.
diff --git a/plugins/module_utils/ec2.py b/plugins/module_utils/ec2.py
@@ -742,3 +742,14 @@ def normalize_ec2_vpc_dhcp_config(option_config):
                 config_data[option] = [val['Value'] for val in config_item['Values']]
 
     return config_data
+
+def is_outposts_arn(input_regex):
+    """
+    Validates the provided regex pattern of outpost arn as per API specification document.
+    API Specification Document:
+    https://docs.aws.amazon.com/outposts/latest/APIReference/API_Outpost.html
+    """
+    regex_pattern = r'^arn:aws([a-z-]+)?:outposts:[a-z\d-]+:\d{12}:outpost/op-[a-f0-9]{17}$'
+    if not re.match(regex_pattern, input_regex):
+        return False
+    return True
diff --git a/plugins/modules/ec2_vpc_subnet.py b/plugins/modules/ec2_vpc_subnet.py
@@ -34,7 +34,7 @@
   outpost_arn:
     description:
       - The Amazon Resource Name (ARN) of the Outpost.
-      - If set to C(yes), allows to create subnet in an Outpost.
+      - If set, allows to create subnet in an Outpost.
       - To specify outpost_arn, availability zone of Outpost subnet must be specified.
     type: str
   tags:
@@ -223,6 +223,7 @@
 from ..module_utils.ec2 import ansible_dict_to_boto3_filter_list
 from ..module_utils.ec2 import boto3_tag_list_to_ansible_dict
 from ..module_utils.ec2 import ensure_ec2_tags
+from ..module_utils.ec2 import is_outposts_arn
 from ..module_utils.waiters import get_waiter
 
 
@@ -286,7 +287,10 @@ def create_subnet(conn, module, vpc_id, cidr, ipv6_cidr=None, outpost_arn=None,
         params['AvailabilityZone'] = az
 
     if outpost_arn:
-        params['OutpostArn'] = outpost_arn
+        if is_outposts_arn(outpost_arn):
+            params['OutpostArn'] = outpost_arn
+        else:
+            module.fail_json('OutpostArn does not match the pattern specified in API specifications.')
 
     try:
         subnet = get_subnet_info(conn.create_subnet(aws_retry=True, **params))

diff --git a/tests/unit/module_utils/test_ec2.py b/tests/unit/module_utils/test_ec2.py
@@ -7,6 +7,8 @@
 __metaclass__ = type
 
 import unittest
+from parametrize import parametrize
+from plugins.module_utils.ec2 import is_outposts_arn
 
 from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list
 from ansible_collections.amazon.aws.plugins.module_utils.ec2 import map_complex_type
@@ -76,3 +78,19 @@ def test_ansible_dict_with_integer_to_boto3_filter_list(self):
 
         converted_filters_int = ansible_dict_to_boto3_filter_list(filters)
         self.assertEqual(converted_filters_int, filter_list_integer)
+
+    # ========================================================
+    #   ec2.is_outposts_arn
+    # ========================================================
+    @parametrize(
+        "outpost_arn, result",
+        [
+            ("arn:aws:outposts:us-east-1:123456789012:outpost/op-1234567890abcdef0", True),
+            ("arn:aws:outposts:us-east-1:123456789012:outpost/op-1234567890abcdef0123", False),
+            ("arn:aws:outpost:us-east-1: 123456789012:outpost/ op-1234567890abcdef0", False),
+            ("ars:aws:outposts:us-east-1: 123456789012:outpost/ op-1234567890abcdef0", False),
+            ("arn:was:outposts:us-east-1: 123456789012:outpost/ op-1234567890abcdef0", False),
+        ]
+    )
+    def test_is_outposts_arn(self, outpost_arn, result):
+        self.assertEqual(is_outposts_arn(outpost_arn), result)