route53_ksk - new module #2412
route53_ksk - new module #2412
Conversation
Signed-off-by: Alina Buzachis <[email protected]>
Signed-off-by: Alina Buzachis <[email protected]>
Signed-off-by: Alina Buzachis <[email protected]>
Signed-off-by: Alina Buzachis <[email protected]>
Signed-off-by: Alina Buzachis <[email protected]>
alinabuzachis
force-pushed
the
route53
branch
from
8a29f2c to
bb0d46d
Compare
Docs Build 📝Thank you for contribution!✨ The docsite for this PR is available for download as an artifact from this run: You can compare to the docs for the File changes:
Click to see the diff comparison.NOTE: only file modifications are shown here. New and deleted files are excluded. diff --git a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/index.html b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/index.html
index 756215f..809427f 100644
--- a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/index.html
+++ b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/index.html
@@ -346,6 +346,7 @@
<li><p><a class="reference internal" href="route53_module.html#ansible-collections-amazon-aws-route53-module"><span class="std std-ref">route53 module</span></a> – add or delete entries in Amazons Route 53 DNS service</p></li>
<li><p><a class="reference internal" href="route53_health_check_module.html#ansible-collections-amazon-aws-route53-health-check-module"><span class="std std-ref">route53_health_check module</span></a> – Manage health checks in Amazons Route 53 DNS service</p></li>
<li><p><a class="reference internal" href="route53_info_module.html#ansible-collections-amazon-aws-route53-info-module"><span class="std std-ref">route53_info module</span></a> – Retrieves Route 53 details using AWS methods</p></li>
+<li><p><a class="reference internal" href="route53_ksk_module.html#ansible-collections-amazon-aws-route53-ksk-module"><span class="std std-ref">route53_ksk module</span></a> – Manages a key-signing key (KSK)</p></li>
<li><p><a class="reference internal" href="route53_zone_module.html#ansible-collections-amazon-aws-route53-zone-module"><span class="std std-ref">route53_zone module</span></a> – add or delete Route 53 zones</p></li>
<li><p><a class="reference internal" href="s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module"><span class="std std-ref">s3_bucket module</span></a> – Manage S3 buckets in AWS, DigitalOcean, Ceph, Walrus, FakeS3 and StorageGRID</p></li>
<li><p><a class="reference internal" href="s3_bucket_info_module.html#ansible-collections-amazon-aws-s3-bucket-info-module"><span class="std std-ref">s3_bucket_info module</span></a> – Lists S3 buckets in AWS</p></li>
diff --git a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/route53_info_module.html b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/route53_info_module.html
index 3866d22..2e6cc1b 100644
--- a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/route53_info_module.html
+++ b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/route53_info_module.html
@@ -22,7 +22,7 @@
<script src="../../../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../../../_static/js/theme.js"></script>
<link rel="search" title="Search" href="../../../search.html" />
- <link rel="next" title="amazon.aws.route53_zone module – add or delete Route 53 zones" href="route53_zone_module.html" />
+ <link rel="next" title="amazon.aws.route53_ksk module – Manages a key-signing key (KSK)" href="route53_ksk_module.html" />
<link rel="prev" title="amazon.aws.route53_health_check module – Manage health checks in Amazons Route 53 DNS service" href="route53_health_check_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
@@ -1173,7 +1173,7 @@ see <a class="reference internal" href="#ansible-collections-amazon-aws-route53-
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="route53_health_check_module.html" class="btn btn-neutral float-left" title="amazon.aws.route53_health_check module – Manage health checks in Amazons Route 53 DNS service" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
- <a href="route53_zone_module.html" class="btn btn-neutral float-right" title="amazon.aws.route53_zone module – add or delete Route 53 zones" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
+ <a href="route53_ksk_module.html" class="btn btn-neutral float-right" title="amazon.aws.route53_ksk module – Manages a key-signing key (KSK)" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
diff --git a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/route53_zone_module.html b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/route53_zone_module.html
index 571a00c..eab1cf2 100644
--- a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/amazon/aws/route53_zone_module.html
+++ b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/amazon/aws/route53_zone_module.html
@@ -23,7 +23,7 @@
<script src="../../../_static/js/theme.js"></script>
<link rel="search" title="Search" href="../../../search.html" />
<link rel="next" title="amazon.aws.s3_bucket module – Manage S3 buckets in AWS, DigitalOcean, Ceph, Walrus, FakeS3 and StorageGRID" href="s3_bucket_module.html" />
- <link rel="prev" title="amazon.aws.route53_info module – Retrieves Route 53 details using AWS methods" href="route53_info_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
+ <link rel="prev" title="amazon.aws.route53_ksk module – Manages a key-signing key (KSK)" href="route53_ksk_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
@@ -621,7 +621,7 @@ see <a class="reference internal" href="#ansible-collections-amazon-aws-route53-
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
- <a href="route53_info_module.html" class="btn btn-neutral float-left" title="amazon.aws.route53_info module – Retrieves Route 53 details using AWS methods" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
+ <a href="route53_ksk_module.html" class="btn btn-neutral float-left" title="amazon.aws.route53_ksk module – Manages a key-signing key (KSK)" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="s3_bucket_module.html" class="btn btn-neutral float-right" title="amazon.aws.s3_bucket module – Manage S3 buckets in AWS, DigitalOcean, Ceph, Walrus, FakeS3 and StorageGRID" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
diff --git a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/index_module.html b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/index_module.html
index be6d0c8..8b4c78a 100644
--- a/home/runner/work/amazon.aws/amazon.aws/docsbuild/base/collections/index_module.html
+++ b/home/runner/work/amazon.aws/amazon.aws/docsbuild/head/collections/index_module.html
@@ -254,6 +254,7 @@
<li><p><a class="reference internal" href="amazon/aws/route53_module.html#ansible-collections-amazon-aws-route53-module"><span class="std std-ref">amazon.aws.route53</span></a> – add or delete entries in Amazons Route 53 DNS service</p></li>
<li><p><a class="reference internal" href="amazon/aws/route53_health_check_module.html#ansible-collections-amazon-aws-route53-health-check-module"><span class="std std-ref">amazon.aws.route53_health_check</span></a> – Manage health checks in Amazons Route 53 DNS service</p></li>
<li><p><a class="reference internal" href="amazon/aws/route53_info_module.html#ansible-collections-amazon-aws-route53-info-module"><span class="std std-ref">amazon.aws.route53_info</span></a> – Retrieves Route 53 details using AWS methods</p></li>
+<li><p><a class="reference internal" href="amazon/aws/route53_ksk_module.html#ansible-collections-amazon-aws-route53-ksk-module"><span class="std std-ref">amazon.aws.route53_ksk</span></a> – Manages a key-signing key (KSK)</p></li>
<li><p><a class="reference internal" href="amazon/aws/route53_zone_module.html#ansible-collections-amazon-aws-route53-zone-module"><span class="std std-ref">amazon.aws.route53_zone</span></a> – add or delete Route 53 zones</p></li>
<li><p><a class="reference internal" href="amazon/aws/s3_bucket_module.html#ansible-collections-amazon-aws-s3-bucket-module"><span class="std std-ref">amazon.aws.s3_bucket</span></a> – Manage S3 buckets in AWS, DigitalOcean, Ceph, Walrus, FakeS3 and StorageGRID</p></li>
<li><p><a class="reference internal" href="amazon/aws/s3_bucket_info_module.html#ansible-collections-amazon-aws-s3-bucket-info-module"><span class="std std-ref">amazon.aws.s3_bucket_info</span></a> – Lists S3 buckets in AWS</p></li>
|
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 11m 19s |
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 4m 23s |
Signed-off-by: Alina Buzachis <[email protected]>
alinabuzachis
force-pushed
the
route53
branch
from
1ffb4d1 to
01aaf1e
Compare
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 4m 31s |
alinabuzachis
force-pushed
the
route53
branch
from
a94bf6d to
d4acf2d
Compare
|
Build failed.
|
alinabuzachis
force-pushed
the
route53
branch
from
d4acf2d to
9cdbb0a
Compare
Signed-off-by: Alina Buzachis <[email protected]>
alinabuzachis
force-pushed
the
route53
branch
from
9cdbb0a to
f0289dc
Compare
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 3m 22s |
|
recheck |
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 5m 10s |
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 4m 24s |
alinabuzachis
force-pushed
the
route53
branch
from
c5a5b30 to
3385733
Compare
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 4m 19s |
Signed-off-by: Alina Buzachis <[email protected]>
alinabuzachis
force-pushed
the
route53
branch
from
3385733 to
7af2ab3
Compare
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 5m 19s |
|
I would recommend creating a separate PR to add the new module for better clarity and easier review, rather than combining it with the addition of DNSSEC signing functionality. |
Signed-off-by: Alina Buzachis <[email protected]>
alinabuzachis
force-pushed
the
route53
branch
from
011154e to
4201cbd
Compare
alinabuzachis
changed the title
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 4m 37s |
| type: str | ||
| caller_reference: | ||
| description: | ||
| - A unique string that identifies the request. |
There was a problem hiding this comment.
Add "Required when state is present"
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 5m 20s |
| aliases: ["zone_id"] | ||
| key_management_service_arn: | ||
| description: | ||
| - The Amazon resource name (ARN) for a customer managed key in Key Management Service (KMS). |
There was a problem hiding this comment.
Add "Required when state is present"
| amazon.aws.route53_ksk: | ||
| name: "{{ resource_prefix }}-ksk" | ||
| hosted_zone_id: "{{ _hosted_zone.zone_id }}" | ||
| status: "INACTIVE" |
There was a problem hiding this comment.
Is status needed when we delete?
| if module.check_mode: | ||
| module.exit_json( | ||
| changed=changed, | ||
| msg=f"Would have updated the Key Signing Key status to {status} if not in check_mode.", |
There was a problem hiding this comment.
Can we return the changed dict (would have changed if not check_mode = true) as well?
| else: | ||
| changed = True | ||
| if module.check_mode: | ||
| module.exit_json(changed=changed, msg="Would have created the Key Signing Key if not in check_mode.") |
There was a problem hiding this comment.
Can we return the changed dict (would have changed if not check_mode = true) as well?
| if module.check_mode: | ||
| module.exit_json(changed=changed, msg="Would have deleted the Key Signing Key if not in check_mode.") | ||
|
|
||
| if module.params.get("status") == "INACTIVE": |
There was a problem hiding this comment.
Is it possible for a condition to have state = "delete" and status = "ACTIVE"? I'm not sure if such a scenario can exist. Do we need this condition? We can ignore status for deletion. I think we should deactivate the key signing key before deleting in any case.
|
|
||
| if ksk is not None: | ||
| changed = True | ||
| response["KeySigningRequest"] = ksk |
There was a problem hiding this comment.
Is this needed? response is getting overwritten here
| status = module.params.get("status") | ||
|
|
||
| if ksk is not None: | ||
| response = {"KeySigningKey": ksk} |
There was a problem hiding this comment.
Is this part of the return dict?
| ansible.builtin.assert: | ||
| that: | ||
| - _ksk_request is successful | ||
| - '"change_info" in _ksk_request' |
There was a problem hiding this comment.
can we check if the status is ACTIVE?
| - name: Assert success | ||
| ansible.builtin.assert: | ||
| that: | ||
| - _ksk_request is successful |
There was a problem hiding this comment.
Can we check the status here?
| amazon.aws.route53_ksk: | ||
| name: "{{ resource_prefix }}-ksk" | ||
| hosted_zone_id: "{{ _hosted_zone.zone_id }}" | ||
| status: "INACTIVE" |
There was a problem hiding this comment.
I am not sure about "status: INACTIVE" for deletion.
SUMMARY
Terminator PR mattclay/aws-terminator#312
Closes #1976
ISSUE TYPE
COMPONENT NAME
route53_ksk
ADDITIONAL INFORMATION