VhaVdZdZdZddlmZddlmZddlmZddlmZddlmZdd lm Z dd l m Z dd l m Z dd l mZdd l mZddl mZddl mZddl mZddl mZddl mZddl mZddlmZddlmZddlmZdeedeedeeee eeeeeffffdZ d0deeeefdededeefdZ d1ded eeeefd!eed"ed#eeeefd$eedeeeefeffd%Zdededeeeeffd&Z!d'edeeeeffd(Z"d'edefd)Z#d*ed'edeeeefdedeeeff d+Z$d'edeeeefdedeeeffd,Z%d'efd-Z&d.Z'e(d/k(re'yy)2a/ --- module: ec2_eip version_added: 5.0.0 short_description: manages EC2 elastic IP (EIP) addresses. description: - This module can allocate or release an EIP. - This module can associate/disassociate an EIP with instances or network interfaces. - This module was originally added to C(community.aws) in release 1.0.0. options: device_id: description: - The id of the device for the EIP. - Can be an EC2 Instance id or Elastic Network Interface (ENI) id. - When specifying an ENI id, O(in_vpc) must be V(true). - The C(instance_id) alias was removed in release 6.0.0. required: false type: str public_ip: description: - The IP address of a previously allocated EIP. - When O(state=present) and device is specified, the EIP is associated with the device. - When O(state=absent) and device is specified, the EIP is disassociated from the device. aliases: [ ip ] type: str state: description: - When O(state=present), allocate an EIP or associate an existing EIP with a device. - When O(state=absent), disassociate the EIP from the device and optionally release it. choices: ['present', 'absent'] default: present type: str in_vpc: description: - Allocate an EIP inside a VPC or not. - Required if specifying an ENI with O(device_id). default: false type: bool reuse_existing_ip_allowed: description: - Reuse an EIP that is not associated to a device (when available), instead of allocating a new one. default: false type: bool release_on_disassociation: description: - Whether or not to automatically release the EIP when it is disassociated. default: false type: bool private_ip_address: description: - The primary or secondary private IP address to associate with the Elastic IP address. type: str allow_reassociation: description: - Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface. default: false type: bool tag_name: description: - When O(reuse_existing_ip_allowed=true), supplement with this option to only reuse an Elastic IP if it is tagged with O(tag_name). type: str tag_value: description: - Supplements O(tag_name) but also checks that the value of the tag provided in O(tag_name) matches O(tag_value). type: str public_ipv4_pool: description: - Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when O(reuse_existing_ip_allowed=true). type: str domain_name: description: The domain name to attach to the IP address. required: false type: str version_added: 9.0.0 extends_documentation_fragment: - amazon.aws.common.modules - amazon.aws.region.modules - amazon.aws.tags - amazon.aws.boto3 author: - "Rick Mendes (@rickmendes) " notes: - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. - Support for O(tags) and O(purge_tags) was added in release 2.1.0. a # Note: These examples do not set authentication details, see the AWS Guide for details. - name: associate an elastic IP with an instance amazon.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 - name: associate an elastic IP with a device amazon.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 - name: associate an elastic IP with a device and allow reassociation amazon.aws.ec2_eip: device_id: eni-c8ad70f3 public_ip: 93.184.216.119 allow_reassociation: true - name: disassociate an elastic IP from an instance amazon.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 state: absent - name: disassociate an elastic IP with a device amazon.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 state: absent - name: allocate a new elastic IP and associate it with an instance amazon.aws.ec2_eip: device_id: i-1212f003 - name: allocate a new elastic IP without associating it to anything amazon.aws.ec2_eip: state: present register: eip - name: output the IP ansible.builtin.debug: msg: "Allocated IP is {{ eip.public_ip }}" - name: provision new instances with ec2 amazon.aws.ec2: keypair: mykey instance_type: c1.medium image: ami-40603AD1 wait: true group: webserver count: 3 register: ec2 - name: associate new elastic IPs with each of the instances amazon.aws.ec2_eip: device_id: "{{ item }}" loop: "{{ ec2.instance_ids }}" - name: allocate a new elastic IP inside a VPC in us-west-2 amazon.aws.ec2_eip: region: us-west-2 in_vpc: true register: eip - name: output the IP ansible.builtin.debug: msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - name: allocate eip - reuse unallocated ips (if found) with FREE tag amazon.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: FREE - name: allocate eip - reuse unallocated ips if tag reserved is nope amazon.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: reserved tag_value: nope - name: allocate new eip - from servers given ipv4 pool amazon.aws.ec2_eip: region: us-east-1 in_vpc: true public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) amazon.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: dev-servers public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname amazon.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: reserved_for tag_value: "{{ inventory_hostname }}" public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: create new IP and modify it's reverse DNS record amazon.aws.ec2_eip: state: present domain_name: test-domain.xyz - name: Modify reverse DNS record of an existing EIP amazon.aws.ec2_eip: public_ip: 44.224.84.105 domain_name: test-domain.xyz state: present - name: Remove reverse DNS record of an existing EIP amazon.aws.ec2_eip: public_ip: 44.224.84.105 domain_name: "" state: present a allocation_id: description: Allocation id of the elastic ip. returned: on success type: str sample: eipalloc-51aa3a6c public_ip: description: An elastic ip address. returned: on success type: str sample: 52.88.159.209 update_reverse_dns_record_result: description: Information about result of update reverse dns record operation. returned: When O(domain_name) is specified. type: dict contains: address: description: Information about the Elastic IP address. returned: always type: dict contains: allocation_id: description: The allocation ID. returned: always type: str sample: "eipalloc-00a11aa111aaa1a11" ptr_record: description: The pointer (PTR) record for the IP address. returned: always type: str sample: "ec2-11-22-33-44.us-east-2.compute.amazonaws.com." ptr_record_update: description: The updated PTR record for the IP address. returned: always type: dict contains: status: description: The status of the PTR record update. returned: always type: str sample: "PENDING" value: description: The value for the PTR record update. returned: always type: str sample: "example.com" public_ip: description: The public IP address. returned: always type: str sample: "11.22.33.44" )Any)Dict)List)Optional)Tuple)Union)camel_dict_to_snake_dict)AnsibleEC2Error)allocate_address)associate_address)describe_addresses)describe_instances)describe_network_interfaces)disassociate_address)ensure_ec2_tags)release_address)AnsibleAWSModule)boto3_tag_specifications)!ansible_dict_to_boto3_filter_list public_ip device_idreturncd}|s|sy|rd|gi}n|rd|gdg}nd|gdg}d|i}d}t|fi|}|r$t|dkDrtd|d ||d }|S) z#Find an existing Elastic IP addressN PublicIpsz instance-idNameValuesznetwork-interface-idFiltersz'Found more than one address using args z Addresses found: r)r lenr )ec2rr is_instancefiltersparamsresult addressess f/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/amazon/aws/plugins/modules/ec2_eip.py find_addressr(0sG Y {+  -)EFG 69+NOGW% F"31&1I y>A !$KF8Sefoep"qr r1 Maddressr"c|sdn|jd}t||||}d}|r:|r|jdn|jd}||k(r|jd}|S)z]Check if the elastic IP is currently associated with the device and return the association IdNPublicIp InstanceIdNetworkInterfaceId AssociationId)getr()r!r*rr"rr%association_id instance_ids r'!address_is_associated_with_devicer3Ksf$Z)@I #y)[ AFN 2=fjj.6::NbCc ) ##ZZ8N r)N check_mode search_tagsdomainreuse_existing_ip_allowedtagspublic_ipv4_poolc|sd}|rzg}|jd|gd||t|z }t||}|dk(r#|D cgc]} | jddr| } } n|D cgc] } | dr |  } } | r| d d fSd |i} |r| j d |i|rt |d | d<d} |s t |fi| } | dfScc} wcc} w)z=Allocate a new elastic IP address (when needed) and return itstandardr6rN)rvpcr/r-rFDomainPublicIpv4Pool elastic-ip)typesTagSpecificationsT)appendrr r0updaterallocate_ip_address) clientr4r5r6r7r8r9r# all_addressesaunassociated_addressesr$r*s r'r r \s  VH=>  " 8E EG*67C U?1>%cAaeeO]aFba%c "%c1>%VAa oa%V "%V !)!,e3 3 F ')9:; &>t<&X"#G %f77 D=&d%VsCC' C2Ccd}|r9t||g}t|dk(r|dd}t|dk(r|d}|St||g}t|dk(r|d}|S)z.Attempt to find the EC2 instance and return itN) InstanceIdsrr Instances)NetworkInterfaceIds)rr r)rErr"r% reservations instances interfacess r' find_devicerPs{F)&ykJ |  !$Q 4I9~""1 M1i[Y z?a ]F Mr)modulec|jjd}|jjd}d}|s|S|s(|jdr|jd}d|i}|S|jdsd|z}||i}|S)z9Generates a dictionary to be passed as a filter to Amazontag_name tag_valueNztag:ztag-key)r$r0 startswithstrip)rQrSrTr%s r'generate_tag_dictrWs}}  ,H !!+.I F     v &~~f-HX& M ""6*(HI& Mr)c|jjd}|jjd}|sy|jdry|jdr|s|jdy)Nrin_vpcFzi-Tzeni-z1If you are specifying an ENI, in_vpc must be true)r$r0rU fail_json)rQrrYs r'check_is_instancer[sf !!+.I ]]  x (F D!F#FRSS r)rEc0d}d}|jjd}|jjd}|rQ|r+t||||}|rd}|js t ||}|r|r |rd}|jst ||d}|xs|||dS) NFrrelease_on_disassociationT)r1 AllocationId) allocation_id)changed disassociatedreleased)r$r0r3r4rr) rErQr*r"rarbrr]r1s r' ensure_absentrcsMH !!+.I & 1 12M N >vwPY[fgN $ (($8P^$_M]/HH$$*6AXY$0=^f ggr)c |jjd}|jjd}|jjd}|rdnd}|jjd}|jjd} |jjd} |jjd} |jjd } |jjd } t|}i}d }|st||j|||| | \}}| $t |||| \}}|j d |i|rt|||}|r%|r#|d rt|d dkDr | tdt||||}|s{d}|jsm|rC|| d}|jddk(r|jd|d<n*|jd|d<n||jd| d}|r||d<t|fi||r1|t|||dd| | z}|j |d|dd||d<|S)Nrprivate_ip_addressrYr<r7allow_reassociationr9r8 purge_tags domain_nameF update_reverse_dns_record_resultVpcIdrzSYou must set 'in_vpc' to true to associate an instance with an existing ip in a vpcT)r-AllowReassociationr=r^r,)r.r^rkPrivateIpAddressr?) resource_typer8rg)rr_r`) r$r0rWr r4 update_reverse_dns_record_of_eiprCrPr r r3r r)rErQr*r"rrerYr6r7rfr9r8rgrhr5r%r`riinstancer1r$s r'ensure_presentrps !!+.I**+?@ ]]  x (FU$F & 1 12M N --++,AB}}(();< ==  V $D""<0J--##M2K$F+K FG + F%%{F 4 S'):%;a%?FN%i ;67IWbcG$$,5M`aF{{8,518^1L~.-4[[-Dz*/8(/ N(C.AF &1CF-.!&3F3? FGN3STU?"&FE"R"&FE"R fe<6 5v7H IVTB&M"# #.-$ F -- C !!+.I !!+.I MM  g &E#F+K &sIy+F I #C+FF"3EF Fv &""1%%&s20E55 F>FF__main__)T)N)) DOCUMENTATIONEXAMPLESRETURNtypingrrrrrr0ansible.module_utils.common.dict_transformationsr 7ansible_collections.amazon.aws.plugins.module_utils.ec2r r rDr r rrrrr;ansible_collections.amazon.aws.plugins.module_utils.modulesr;ansible_collections.amazon.aws.plugins.module_utils.taggingrBansible_collections.amazon.aws.plugins.module_utils.transformationrrr(rr3rPrWr[rcrprnr__name__rr)r'rsx^ @{ z3 jUSkUVV_XSSX`pSM.6sm d3c4S#X#77889:>  d38n %  c] 0(,%%$sCx.)% SM % $ % 4S> " %tn% 4S>4  %P3ThtCQTH~>V".8DcN3K* . 4 h h)h4