Ansible Collection for Amazon AWS' Cloud Control API

Primary language: Python. License: GNU General Public License v3.0 (GPL-3.0).

AWS Cloud Control Collection for Ansible

The AWS Cloud Control Collection is an experimental alpha collection of generated modules using the Cloud Control API for interacting with AWS Services.

This work is being made available for research purposes on the Cloud Control API and for community feedback on the user experience of API-generated modules like these. Therefore, this content is not intended for production use in its current state.

Ansible version compatibility

This collection has been tested against the following Ansible versions: >=2.9.10.

Plugins and modules within a collection may be tested with only specific Ansible versions. A collection may contain metadata that identifies these versions. PEP440 is the schema used to describe the versions of Ansible.

Python version compatibility

This collection requires Python 3.9 or greater.

AWS SDK version compatibility

Version 0.1.0 of this collection supports boto3 >= 1.20.0 and botocore >= 1.23.0

Included content

Modules

Name Description
amazon.cloud.backup_backup_vault Create and manage logical containers where backups are stored
amazon.cloud.backup_framework Create and manage frameworks with one or more controls
amazon.cloud.backup_report_plan Create and manage report plans
amazon.cloud.cloudtrail_event_data_store Creates and manages a new event data store
amazon.cloud.cloudtrail_trail Creates and manages a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.
amazon.cloud.cloudwatch_composite_alarm Creates and manages a composite alarm
amazon.cloud.cloudwatch_metric_stream Creates and manages a metric stream
amazon.cloud.dynamodb_global_table Creates and manages a Version 2019.11.21 global table
amazon.cloud.eks_addon Creates and manages Amazon EKS add-ons
amazon.cloud.eks_cluster Creates and manages Amazon EKS control planes
amazon.cloud.eks_fargate_profile Creates and manages AWS Fargate profiles
amazon.cloud.iam_role Create and manage roles
amazon.cloud.iam_server_certificate Uploads and manages a server certificate entity for the AWS account
amazon.cloud.kms_alias Specifies a display name for a KMS key.
amazon.cloud.kms_replica_key Creates and manages a multi-Region replica key that is based on a multi-Region primary key
amazon.cloud.lambda_code_signing_config Code signing for AWS Lambda
amazon.cloud.lambda_event_source_mapping Create a mapping between an event source and an AWS Lambda function
amazon.cloud.lambda_function Create and manage Lambda functions
amazon.cloud.logs_log_group Create and manage log groups
amazon.cloud.logs_query_definition Create and manage query definitions
amazon.cloud.logs_resource_policy Create and manage resource policies
amazon.cloud.rds_db_proxy Create and manage DB proxies
amazon.cloud.rds_db_proxy_endpoint Creates and manages a DB proxy endpoint
amazon.cloud.redshift_cluster Create and manage clusters
amazon.cloud.redshift_endpoint_access Creates and manages Redshift-managed VPC endpoint
amazon.cloud.redshift_endpoint_authorization Describes an endpoint authorization for authorizing Redshift-managed VPC endpoint access to a cluster across AWS accounts.
amazon.cloud.redshift_event_subscription Create and manage Amazon Redshift event notification subscriptions
amazon.cloud.redshift_scheduled_action Creates and manages a scheduled action
amazon.cloud.route53_dnssec Is used to enable DNSSEC signing in a hosted zone
amazon.cloud.route53_key_signing_key Creates a new key-signing key (KSK) in a hosted zone
amazon.cloud.s3_access_point Create and manage Amazon S3 access points to use to access S3 buckets
amazon.cloud.s3_bucket Create and manage S3 buckets
amazon.cloud.s3_multi_region_access_point Create and manage Amazon S3 Multi-Region Access Points
amazon.cloud.s3_multi_region_access_point_policy Manage Amazon S3 access policies
amazon.cloud.s3objectlambda_access_point Create and manage Object Lambda Access Points used to access S3 buckets
amazon.cloud.s3objectlambda_access_point_policy Specifies the Object Lambda Access Point resource policy document

Installing this collection

You can install the AWS Cloud Control Collection with the Ansible Galaxy CLI:

    ansible-galaxy collection install amazon.cloud

You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format:

    ---
    collections:
      - name: amazon.cloud

The Python module dependencies are not installed by ansible-galaxy. They can be installed manually using pip:

    pip install -r requirements.txt

Note that if you install the collection from Ansible Galaxy, it will not be upgraded automatically when you upgrade the ansible package. To upgrade the collection to the latest available version, run the following command:

    ansible-galaxy collection install amazon.cloud --upgrade

See Ansible Using collections for more details.

Using this collection

You can either call modules by their Fully Qualified Collection Namespace (FQCN), such as amazon.cloud.logs_log_group, or you can call modules by their short name if you list the amazon.cloud collection in the playbook's collections keyword:

    ---
      - name: Create log group (check mode)
        amazon.cloud.logs_log_group:
          state: present
          log_group_name: "{{ log_group_name }}"
          retention_in_days: 7
          tags:
            testkey: "testvalue"
        register: log_group

Because modules may keep the same name in the amazon.cloud, amazon.aws and community.aws collections, we recommend using the FQCN.

For example, if you use the s3_bucket module without specifying the FQCN, Ansible searches the collections in the order they are listed and takes the first matching module it finds (in this case, s3_bucket from amazon.aws).

    ---
      - hosts: localhost
        collections:
          - amazon.aws
          - amazon.cloud
        tasks:
          - s3_bucket:
              bucket_name: "..."
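
The first-match behaviour described above can be checked before a playbook runs. The following is an added example, not part of the collection's code: a simplified Python model of short-name resolution over the listed collections only. The inventory, the sample play and all function names are constructed for illustration.

```python
# Simplified model: only the collections listed under `collections:` are
# searched, in order, as the README describes. Names here are hypothetical.
TASK_KEYWORDS = {"name", "register", "when", "tags", "vars", "loop", "become", "notify"}

# Constructed sample inventory: which short module names each collection ships.
INVENTORY = {
    "amazon.aws": {"s3_bucket"},
    "amazon.cloud": {"s3_bucket", "logs_log_group", "iam_role"},
}

def module_key(task):
    """Return the single task key that is not a task keyword (the module name)."""
    keys = [k for k in task if k not in TASK_KEYWORDS]
    if len(keys) != 1:
        raise ValueError(f"cannot identify module in task: {sorted(task)}")
    return keys[0]

def resolve(short_name, collections, inventory=INVENTORY):
    """Return (winning collection, later collections that also ship the name)."""
    providers = [c for c in collections if short_name in inventory.get(c, ())]
    if not providers:
        return None, []
    return providers[0], providers[1:]

def audit_play(play, inventory=INVENTORY):
    """Flag tasks whose short module name is unresolved or shadows another module."""
    findings = []
    search_order = play.get("collections", [])
    for index, task in enumerate(play.get("tasks", [])):
        key = module_key(task)
        if key.count(".") >= 2:      # namespace.collection.module: already an FQCN
            continue
        winner, shadowed = resolve(key, search_order, inventory)
        if winner is None:
            findings.append((index, key, "unresolved", None, []))
        elif shadowed:
            findings.append((index, key, "ambiguous", f"{winner}.{key}", shadowed))
    return findings

# Constructed play mirroring the README example, plus one FQCN task.
PLAY = {
    "hosts": "localhost",
    "collections": ["amazon.aws", "amazon.cloud"],
    "tasks": [
        {"s3_bucket": {"bucket_name": "..."}},
        {"name": "Create log group", "amazon.cloud.logs_log_group": {"state": "present"}},
    ],
}

if __name__ == "__main__":
    for finding in audit_play(PLAY):
        print(finding)
```

An "ambiguous" finding means the task runs the module from the first listed collection while a later one ships the same name; rewriting the task with the FQCN removes the dependence on list order.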

Known issues

  • Modules are only as good as the API and its schema. Documentation may not be complete for all the modules' options and suboptions.
  • Support is missing for important AWS resources such as EC2 instance, RDS instance, EC2 volume, Elastic Load Balancer, RDS Snapshot, EC2 snapshot, etc.
  • Idempotency is a function of the API and may not be fully supported.
  • Missing server-side pagination. This may have severe impact on performance.
  • Name-based identification filtering to support desired-state (idempotency) logic is absent. This limitation has led us to exclude several resources and reduce the number of modules. Client-side filtering would have a large impact on performance.
  • Not all the resources support the available states. In practice this means that some resources cannot be updated or listed.

Contributing to this collection

We welcome community contributions to this collection. Because this collection is auto-generated using the amazon_cloud_code_generator tool, if you find problems, please open an issue or create a Pull Request against the amazon_cloud_code_generator repository.

You can also join us in the:

  • #ansible-aws irc.libera.chat channel
  • #ansible (general use questions and support), #ansible-community (community and collection development questions), and other IRC channels.

The Amazon Web Services Working Group holds a monthly community meeting in the #ansible-aws IRC channel at 17:30 UTC every fourth Thursday of the month. If you have something to discuss (e.g. a PR that needs help), add your request to the meeting agenda and join the IRC #ansible-aws channel. Invite (import by URL): ics file

You don't know how to start? Refer to our contribution guide!

Governance

The process of decision making in this collection is based on discussing and finding consensus among participants. Every voice is important. If you have something on your mind, create an issue or dedicated discussion and let's discuss it!

Release notes

See the changelog.

Communication

We announce releases and important changes through Ansible's The Bullhorn newsletter. Be sure you are subscribed.

Join us in the #ansible (general use questions and support), #ansible-community (community and collection development questions), and other IRC channels.

We take part in the global quarterly Ansible Contributor Summit virtually or in-person. Track The Bullhorn newsletter and join us.

For more information about communication, refer to the Ansible Communication guide.

Code of Conduct

We follow the Ansible Code of Conduct in all our interactions within this project.

If you encounter abusive behavior, please refer to the policy violations section of the Code for information on how to raise a complaint.

Licensing

GNU General Public License v3.0 or later.

See LICENSE for the full text.