Vhc=LdZddlZddlZddlZddlZddlmZddlmZddlm Z ddlm Z ddlm Z ddl m Z dd lmZdd lmZdd lmZdd lmZd dlmZd dlmZd dlmZd dlmZd dlmZd dlmZd dlmZd dlmZd dlmZGddZ de deffdZ!de deffdZ"y)aThis module adds shared support for generic Amazon AWS modules In order to use this module, include it as part of a custom module as shown below. from ansible_collections.amazon.aws.plugins.module_utils.modules import AnsibleAWSModule module = AnsibleAWSModule(argument_spec=dictionary, supports_check_mode=boolean mutually_exclusive=list1, required_together=list2) The 'AnsibleAWSModule' module provides similar, but more restricted, interfaces to the normal Ansible module. It also includes the additional methods for connecting to AWS using the standard module arguments m.resource('lambda') # - get an AWS connection as a boto3 resource. or m.client('sts') # - get an AWS connection as a boto3 client. To make use of AWSRetry easier, it can now be wrapped around any call from a module-created client. To add retries to a client, create a client: m.client('ec2', retry_decorator=AWSRetry.jittered_backoff(retries=10)) Any calls from that client can be made to use the decorator passed at call-time using the `aws_retry` argument. By default, no retries are used. ec2 = m.client('ec2', retry_decorator=AWSRetry.jittered_backoff(retries=10)) ec2.describe_instances(InstanceIds=['i-123456789'], aws_retry=True) The call will be retried the specified number of times, so the calling functions don't need to be wrapped in the backoff decorator. N)StringIO)Any)Dict)NoReturn)Optional) to_native) AnsibleModule) env_fallback)missing_required_lib)camel_dict_to_snake_dictboto3_at_least) boto3_connbotocore_at_least)check_sdk_version_supportedgather_sdk_versions)get_aws_connection_infoget_aws_region)AnsibleBotocoreError)RetryingBotoClientWrappercDeZdZdZdddedZdZedee e ffdZ dZ de fdZde fd Zdd Zdd Zd ZdefdZde fdZdde fdZde fdZedee fdZddedee de fdZde fdZdee e ffdZde dd fdZde defdZde dd fdZ de defdZ!y ) AnsibleAWSModuleaAn ansible module class for AWS modules AnsibleAWSModule provides an a class for building modules which connect to Amazon Web Services. The interface is currently more restricted than the basic module class with the aim that later the basic module class can be reduced. If you find that any key feature is missing please contact the author/Ansible AWS team (available on #ansible-aws on IRC) to request the additional features needed. T) default_args check_boto3 auto_retry module_classc Di}tjjD]\}} |j|||<||_|dr$t } |j|d||d<tjddi||_ |dr t|jhd}|j!t#t$j&j)r|jj+ddd d t$j&j)vr|jj+d dd |jj,|_|jj.|_|jj0|_t3|_d|_|j8j;d r|t=j>d|_|j6jAt<jB|j6jEt=jF|j4yy#t$r |||<Y,wxYw#ttf$rYwxYw#t$r/}|jjt|Yd}~d}~wwxYw)Nr argument_specr r)warn>S3_URLEC2_URL EC2_REGIONEC2_ACCESS_KEYEC2_SECRET_KEYEC2_SECURITY_TOKENaSupport for the 'EC2_REGION', 'EC2_ACCESS_KEY', 'EC2_SECRET_KEY', 'EC2_SECURITY_TOKEN', 'EC2_URL', and 'S3_URL' environment variables has been deprecated. These variables are currently used for all AWS services which can cause confusion. We recomend using the relevant module parameters or alternatively the 'AWS_REGION', 'AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_SESSION_TOKEN', and 'AWS_URL' environment variables can be used instead.z10.0.0 amazon.aws)versioncollection_nameAWS_SECURITY_TOKENa5Support for the 'AWS_SECURITY_TOKEN' environment variable has been deprecated. This variable was based on the original boto SDK, support for which has now been dropped. We recommend using the 'session_token' module parameter or alternatively the 'AWS_SESSION_TOKEN' environment variable can be used instead.debug_botocore_endpoint_logszbotocore.endpoint)$rdefault_settingsitemspopKeyErrorsettingsaws_argument_specupdate TypeError NameError_modulerr#r fail_jsonr intersectionsetosenvironkeys deprecate check_mode_diff_namer_botocore_endpoint_log_streamloggerparamsgetlogging getLoggersetLevelDEBUG addHandler StreamHandler)selfkwargslocal_settingskey default_valueargument_spec_fulledeprecated_varss k/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/amazon/aws/plugins/module_utils/modules.py__init__zAnsibleAWSModule.__init__Ts<"2"C"C"I"I"K 4 C 4&,jjos# 4 ' . )!2!4  "))&*AB'9F? #'88HR6R - ( 5+;x  ' 'BJJOO,=(> ? LL " "A! , #  2::??#4 4 LL " "+! , # ,,11\\'' \\'' -5Z* ;;??9 :!++,?@DK KK  / KK " "7#8#89[9[#\ ] ;s 4&3s# 4y)  ( 5 &&y|44 5s;H<II'<I II$#I$' J0$JJreturnc.|jjSN)r9rFrNs rVrFzAnsibleAWSModule.paramss||"""cg}|jjjdD]~}|j}|s t j d|}|j ddd}t j d|j ddd}|j|d|tt|S#t$rYwxYw) N zOperationModel\(name=.*?\)rz https://.*?\.:) rDgetvaluesplitstripresearchgroupappendAttributeErrorlistr<)rNactionslnfound_operational_requestoperation_requestresources rV_get_resource_action_listz*AnsibleAWSModule._get_resource_action_lists44==?EEdK BB ,.II6SUW,X)$=$C$CA$Fr%!99%5r:@@CAbI(1->,?@A CL!!"  sA(C C  C c|jjdr|j|d<|jj|i|yNr.resource_actions)rFrGrqr9 exit_jsonrNargsrOs rVruzAnsibleAWSModule.exit_json@ ;;??9 :)-)G)G)IF% & //r\c|jjdr|j|d<|jj|i|yrs)rFrGrqr9r:rvs rVr:zAnsibleAWSModule.fail_jsonrxr\Nc:|jj|i|SrZ)r9debugrvs rVr{zAnsibleAWSModule.debugs!t||!!42622r\c:|jj|i|SrZ)r9r#rvs rVr#zAnsibleAWSModule.warns t||  $1&11r\cxt|j|rt|j|Std|d)Nz#AnsibleAWSModule has no attribute '')hasattrr9getattrrj)rNattrs rV __getattr__zAnsibleAWSModule.__getattr__s6 4<< &4<<. .B4&JKKr\c:|jj|i|SrZ)r9booleanrvs rVrzAnsibleAWSModule.booleans#t||##T4V44r\c:|jj|i|SrZ)r9md5rvs rVrzAnsibleAWSModule.md5st||000r\servicec t|\}}}td||d|}|j|t|fd|d|}||St ||S)Nregionendpointclient conn_typerpr/)rdictr6rr) rNrretry_decorator extra_paramsr endpoint_urlaws_connect_kwargskw_argsconns rVrzAnsibleAWSModule.clientsd3J43P0 0Rf|R?QR|$$P(WPP&.td4MdTc4ddr\c |t|\}}}td||d|}|j|t|fd|d|S)Nrrprr/)rrr6r)rNrrrrrrs rVrpzAnsibleAWSModule.resourcesL3J43P0 0Rf|R?QR|$$R*wR'RRr\ct|SrZrr[s rVrzAnsibleAWSModule.regions d##r\ exceptionmsgc tj} t|j}||d|}n|} |j }t d||d|j}|j|||jdit||jdi|y#t$rt|}YwxYw#t$rd}YwxYw)zcall fail_json with processed exception function for converting exceptions thrown by AWS SDK modules, botocore, boto3 and boto, into nice error messages. Nz: )rrr/) traceback format_excrmessagerjresponser_gather_versionsr6r r:) rNrrrOlast_traceback except_msgrrfailures rV fail_json_awszAnsibleAWSModule.fail_json_awss #--/ ."9#4#45J ?R |,G G  ))HX7nX@U@U@WXv   GNN @5h? @!!) ."9-J . H s"B! B;!B87B8; C C c|jr'|j|j|j|j|jy)zIA helper to call the right failure mode after catching an AnsibleAWSError)rN)rrrr:)rNrs rVfail_json_aws_errorz$AnsibleAWSModule.fail_json_aws_errors>      y22 8I8I  J 9,,-r\ctS)zGather AWS SDK (boto3 and botocore) dependency versions Returns {'boto3_version': str, 'botocore_version': str} Returns {} if either is not installed rr[s rVrz!AnsibleAWSModule._gather_versionss #$$r\desiredc |j|s:|jjddtd|fi|i|j yy)aCheck if the available boto3 version is greater than or equal to a desired version. calls fail_json() when the boto3 version is less than the desired version Usage: module.require_boto3_at_least("1.2.3", reason="to update tags") module.require_boto3_at_least("1.1.1") :param desired the minimum desired version :param reason why the version is required (optional) rzboto3>=Nr/)rr9r:r rrNrrOs rVrequire_boto3_at_leastz'AnsibleAWSModule.require_boto3_at_leastsU""7+ "DLL " " (77))<GG '') ,r\ct|SrZrrNrs rVrzAnsibleAWSModule.boto3_at_leasts g&&r\c |j|s:|jjddtd|fi|i|j yy)aCheck if the available botocore version is greater than or equal to a desired version. calls fail_json() when the botocore version is less than the desired version Usage: module.require_botocore_at_least("1.2.3", reason="to update tags") module.require_botocore_at_least("1.1.1") :param desired the minimum desired version :param reason why the version is required (optional) rz botocore>=Nr/)rr9r:r rrs rVrequire_botocore_at_leastz*AnsibleAWSModule.require_botocore_at_leastsU%%g. "DLL " " (:gY)?J6J '') /r\ct|SrZrrs rVrz"AnsibleAWSModule.botocore_at_least1s  ))r\)rXNrZ)"__name__ __module__ __qualname____doc__r r0rWpropertyrstrrrFrqrrur:r{r#rboolrrrrprr BaseExceptionrrrrrrrr/r\rVrrFsQ )-TQUgtuA^F#S#X##""0H0 0H0 32L 5$51c1eceSS $ $$ "} "8C= "^f "D.. %$sCx.%c&'c'd'4&***r\rrXrc2ttgdtdddgtgdfdtgd td ddgtgd fd tgd tdddtdddtdddgtgdfd tdgtddgftgdtdddtdddgtgdftdd tdtdgftd !tddtd"gf#$ S)%z This does not include 'region' as some AWS APIs don't require a region. However, it's not recommended to do this as it means module_defaults can't include the region parameter. )aws_access_key_idaws_access_keyec2_access_keyr 2024-12-01r*namedater,)AWS_ACCESS_KEY_IDAWS_ACCESS_KEYr'F)aliasesdeprecated_aliasesfallbackno_log)aws_secret_access_keyaws_secret_keyec2_secret_keyr)AWS_SECRET_ACCESS_KEYAWS_SECRET_KEYr(T)aws_session_tokensecurity_token access_tokenaws_security_tokenrrr)AWS_SESSION_TOKENr-r) aws_profile AWS_PROFILEAWS_DEFAULT_PROFILE)rr)aws_endpoint_urlec2_urls3_urlrr)AWS_URLr%r$rrrr)typedefaultpath AWS_CA_BUNDLE)rrr)rANSIBLE_DEBUG_BOTOCORE_LOGS)rrr) access_key secret_key session_tokenprofilervalidate_certs aws_ca_bundle aws_configr.)rr r/r\rV_aws_common_argument_specr5sT M*|\ #$]^  Q*|\ #$ab  a.|\Z*|\.\S_`  #$ef  "O"]4I$JK =), U(|T #$DE   "_$56  &*"%B$CD& e7 7r\c ttddgtdddgtgdf}t}|j||S) zV Returns a dictionary containing the argument_spec common to all AWS modules. aws_region ec2_regionrr*r) AWS_REGIONAWS_DEFAULT_REGIONr&r)r)rr rr6) region_specspecs rVr5r5usU!<0,\<X #$VW  K % &DKK  Kr\)#rrHr=rfriortypingrrrransible.module_utils._textransible.module_utils.basicr r r 0ansible.module_utils.common.dict_transformationsr botocorerrrrrrr exceptionsrretriesrrrr5r/r\rVrs D 043;U$ '1)-$,. l*l*^=4s #3=@4s +r\