VhtdZdZdZddlZddlZddlmZddlmZddlm Z ddlm Z dd lm Z dd lm Z dd lm Z dd lmZ ddlZdd lmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlm Z ddlm!Z!ddlm"Z"ddlm#Z#ddlm$Z$ddlm%Z%ddlm&Z&ddlm'Z'dd lm(Z)dd!lm*Z*dd"lm+Z+dd#lm,Z,dd$l-m.Z.dd%l-m/Z/dd&l-m0Z0dd'l1m2Z2dd(l3m4Z4dd)l5m6Z6dd*l5m7Z7dd+l8m9Z9dd,l:m;Z;d-e efd3Z?d0e2d.dfd4Z@d0e2d5eAd.dfd6ZBd0e2d7e ee e<d8e e<d.e e<f d?ZGd@ZHd0e2d.e ed.df dHZL did0e2d1e efdKZNd0e2d1e efdLZO dfd0e2dEe e e<dMe e ed.e PP Ps#B:moduleinstancedesired_profile_namec |jd}d}|r|r||jd|jdfvry|jd}t||}|jd|k(ry t|d|dgdg } |xs|jd}t |d d dt||i y|s6|r4 |xs|jd}t|dt||i|dyy#t$r}|j |d Yd}~d}~wwxYw#t$r}|j |dYd}~d}~wwxYw#t$r}|j |dYd}~yd}~wwxYw)NIamInstanceProfileNameArnFiam instance-id InstanceId)rCValuesFiltersz+Could not find instance profile associationr AssociationId)association_idiam_instance_profileTz$Could not associate instance profile)rM instance_idz(Could not associate new instance profile)r7clientrrr fail_json_awsrr) rOr>r?r@instance_profile_setting iam_client desired_arn associationes r<add_or_update_instance_profilerVos (||,@AJ$8 $<$@$@$HJbJfJfglJm#n nu-J5jBVWK'++E2kA SD-H\DZC[!\ ]K L#;v}}U';J 4*1~o>&+-HUi-j%k   $(< P#;v}}U';J *&+-HUi-j%k$\2   7 S  $Q R R S L  $J K K L P  $N O O  PsH0C55D2E5 D>DD E&D==E E*E%%E*c|jjdxsg}|jjdxsg}t||zdkDr&td|Dr|j dyyy)z| Validate Network interface public IP configuration Parameters: module: The ansible AWS module. network_interfacesnetwork_interfaces_idsc3bK|]'}|jd|jd)yw)assign_public_ipNr7.0is r< z,validate_assign_public_ip..s0D&'GYAZAf !Ds//zUThe option 'assign_public_ip' cannot be set to true with multiple network interfaces.msgN)r+r7lenany fail_json)r>rXrYs r<validate_assign_public_iprgs  **+?@FB#]]../GHNB  6 67!;D+=DA tuA; nb_instancesc t||jjd}|r|D]V}t|jdxsgDcgc]}|jds|c}dkDsE|j dX|dkDr3dD]-t fd|Ds|j d d /y y y cc}w) a This function is used to validate network specifications with the following constraints - 'assign_public_ip' cannot set to True when multiple network interfaces are specified - 'private_ip_addresses' only one IP can be set as primary - 'private_ip_addresses' or 'private_ip_address' can't be specified if launching more than one instance Parameters: module: The ansible AWS module. nb_instances: number of instance to create. rXprivate_ip_addressesprimaryrZzUOnly one primary private IP address can be specified when creating network interface.rb)private_ip_addressrkipv6_addressesc3FK|]}|jsdyw)TNr])r_intyopts r<raz*validate_network_params..sLdhhsmtLs!!z The option 'z<' cannot be specified when launching more than one instance.N)rgr+r7rdrfre)r>rirXrpr`rqs @r<validate_network_paramsrrsf%**+?@& Dtxx(>?E2Z!yIYAZ[^__  o!  ! W L(:LL$$*3%/kl%  [s B? "B? interface subnet_idgroupsc d|jddi}|jdr|d|d<|jdr |d|d<n|r||d<nt|||d<|jdr|dDcgc]}d |ic}|d <|jd r|d |d <|jd r}g|d<|d D]p}d |i}t|trFd |jd i}|jd"|j d|jdi|dj |r|jdd|d<|jdxs|} | rt ||| |d|d<|jd|d|d<|Scc}w)a Converts Ansible network interface specifications into AWS network interface spec Parameters: interface: Ansible network interface specification subnet_id: Subnet Id security_groups: Optional list of security groups. security_group: Optional security group. Returns: AWS network interface specification. DeviceIndex device_indexrr\AssociatePublicIpAddressrtSubnetIdrn Ipv6Address Ipv6AddressesrmPrivateIpAddressrkPrivateIpAddressesrlPrimarydelete_on_terminationTDeleteOnTerminationrururtGroups description Description)r7describe_default_subnet isinstancedictupdateappenddiscover_security_groups) rOr>rsrtruspecaaddrdinterface_groupss r<"ansible_to_boto3_eni_specificationrs$ y}}^Q7 D}}'(+45G+H '(}}[!$[1Z $Z266BZ}}%&=FGW=X Y-!3 Y_}})*#,-A#B  }}+,%' !"45 1D#T*A$%'2F)GH88I&2HHi))<=> % & - -a 0  1#,--0G"ND  }}X.8&1&&IYeijteuvX}}]#/' 6] K-!Zs7 F c lg}|j}|jd}|r0|Dcgc]%}|jd|jdd'}}|jd}|jdxs|jd}|jd}|jd } |r|jd r| rD|r|jd s|g} |j| D cgc]} t||| ||c} |S|s=|s;|jjd s |j t||i|||S|ra|jt |jd gD cgc]+\} } | t | tr| n| jdd -c} } |Scc}wcc} wcc} } w) z Returns network interface specifications for instance to be created. Parameters: module: The ansible AWS module. Returns: network specs (list): List of network interfaces specifications rYidrx)NetworkInterfaceIdrwnetworksecurity_groupssecurity_group vpc_subnet_idrX interfaceslaunch_template)rwr)r+r7extendrr enumeraterr) rOr>rr+rYenirrurrXrpidxs r<build_network_specrsJ ]]F#ZZ(@A. $'774=AX Y  jj#G ZZ) * Jfjj9I.JFJJ/M$89 L16H 7;;|4") / 3664X^_  $ 3FMMr?r\rXpublic_dns_names r<$warn_if_public_ip_assignment_changedr6s )))4:??@RSf%**+?@.a0445GHll?3O 06F 78H7IX`amXnWop\ \ P_6FrhcJ|jjd}|y|djd}|jd}|djd}|jd}||k7r|jd|d|d ||k7r|jd |d|d yy) N cpu_options CpuOptions CoreCount core_countThreadsPerCorethreads_per_corez!Unable to modify core_count from z to zD. Assigning a number of core is determinted during instance creationz'Unable to modify threads_per_core from zP. Assigning a number of threads per core is determined during instance creation.)r+r7r)r>r?rcore_count_currrthreads_per_core_currrs r<warn_if_cpu_options_changedrLs--##M2K|,00=O.J$\2667GH"'9:*$ //@ZLQ4 4  00 56K5LDQaPbcK K 1rh parent_vpc_idc| t||g}dd }t ||| S#td$r|jd|dY;t$r!}|j |d|dYd}~_d}~wwxYw) N) SubnetIdszInvalidGroup.NotFoundzCould not find subnet z] to associate security groups. Please check the vpc_subnet_id and security_groups parameters.z!Error while searching for subnet z parent VPC.rbrVpcId)vpc_id)rr#rfr"rPr)rOr>rurrtsubrUs r<rrds e"6i[ACAw 0 VV))@A    ( 4//  e  *KI;Vb(c d d es(#A6 A6A11A6c |jddt|jdiS|jdrt|jdjd|jdjd|jdjd|jdjd|jdjd }d|iSiS) N user_dataUserData aap_callback tower_addressjob_template_idhost_config_keywindows set_password)rrrrpasswd)r7r r))r+userdatas r<build_userdatarzs zz+*Ifjj&=>?? zz.!( **^488I"JJ~6::;LM"JJ~6::;LMJJ~.229=::n-11.A  H%% Irhc 4i}|j}|jdr |d|d<nh|jdrW|jd}|jd|d<|jdr|d|d<|jdr|d|d<|jds#|jd s|jd |jd |jd |d <|jt ||jd 2i|d<|jd jds2|jd jds|jd |jd jd&|jd jd|dd<|jd jd&|jd jd|dd<|jd jd/t |jd jd|dd<|jddrddi|d<|jdd|jdi|d<|jdd|jdi|d<|jd rQd|vr!t |jd |dd!<n,|jdd!t |jd i|jd"i|d<|jd"jd#&|jd"jd#|dd$<|jd"jd%&|jd"jd%|dd&<|jd"jd'&|jd"jd'|dd!<|jd"jd(&|jd"jd(|dd)<|jd"jd*&|jd"jd*|dd+<|jd"jd,&|jd"jd,|dd-<|jd"jd&|jd"jd|dd<|jd.|jd.|d/<|jd0r|jd0|d1<|jd2|jd2|d3<|jd4rZ|jd5rI|d5D]A}|jd6r|d6jd7rd8di|d9<0|jd: C|jd;Qi|d<<|jd;jd=|d<d><|jd;jd?|d<d@<|jdAri|dB<|jdAjdC|dBdD<|jdAjdE|dBdF<|jdAjdG|dBdH<|jdAjdI|dBdJ<|jdAjdK|dBdL<|jdMr|jdM|dN<|jdOr@g|dP<|jdOD]'}|dPjdQ|jdRi)|S)SNimage_idImageIdimagerramdisk RamdiskIdkernelKernelIdrzcYou must include an image_id or image.id parameter to create an instance, or use a launch_template.rbkey_nameKeyNameLaunchTemplatenamezyCould not create instance with launch template. Either launch_template.name or launch_template.id parameters are requiredLaunchTemplateIdLaunchTemplateNameversionVersiondetailed_monitoringFEnabledT Monitoringcpu_credit_specification CpuCreditsCreditSpecificationtenancyTenancy Placementplacement_group GroupName placementavailability_zoneAvailabilityZoneaffinityAffinity group_namehost_idHostIdhost_resource_group_arnHostResourceGroupArnpartition_numberPartitionNumber ebs_optimized EbsOptimized$instance_initiated_shutdown_behavior!InstanceInitiatedShutdownBehaviortermination_protectionDisableApiTerminationhibernation_optionsr.r/ encrypted ConfiguredHibernationOptionszHibernation prerequisites not satisfied. Refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.htmlrrrrrrmetadata_optionsMetadataOptions http_endpoint HttpEndpoint http_tokens HttpTokenshttp_put_response_hop_limitHttpPutResponseHopLimithttp_protocol_ipv6HttpProtocolIpv6instance_metadata_tagsInstanceMetadataTagsadditional_infoAdditionalInfolicense_specificationsLicenseSpecificationsLicenseConfigurationArnlicense_configuration_arn) r+r7rfrrr str setdefaultr)r>rr+rvollicense_configurations r<build_top_level_optionsr sH D ]]F zz* ,Y G  7#))D/Y 99Y  %i 0D  99X $XD  88I vzz2C'Du  zz*) **Z0YKKv&' zz#$0!# zz+,006vzzJ[?\?`?`ag?h   /   ::' ( , ,T 2 >9?DU9V9Z9Z[_9`D! "#5 6 ::' ( , ,V 4 @;A::FW;X;\;\]c;dD! "#7 8 ::' ( , ,Y 7 C09&**EV:W:[:[\e:f0gD! "9 - zz'/'.\ zz,-9'3VZZ@Z5[&\ "# zz)(& 9(=>[ zz#$ $ -0,2JJ{,C,G,G ,SD j ) ::k " & &| 4 @-3ZZ -D-H-H-VD k * ::k " & &y 1 =*0**[*A*E*Ei*PD h ' ::k " & &'@ A M8> ;8O8S8STm8nD 4 5 ::k " & &'9 : F39::k3J3N3NOa3bD / 0 ::k " & &y 1 =+1::k+B+F+Fy+QD i ( zz/".%zz/:^ zz894:JJ?e4f 01 zz*+7(. 3K(L $% zz'(VZZ -B)$ Cwwu~#e*.."=.:D-A)*  n! zz- ,\/5zz-/H/L/LM_/`\+,*0**]*C*G*G *U\;' zz$%"$ 28**=O2P2T2TUd2e /06 ;M0N0R0RS`0a  -=CZZHZ=[=_=_ )>   9:7=jjAS6T6X6XYm6n  23:@**EW:X:\:\]u:v  67 zz#$!',=!>  zz*+(* $%%+ZZ0H%I  ! ( ) 0 0*,A,E,EFa,bc   Krhc|jdxsi}|jd|jd|d<t|ddg}|S)NtagsrrCr9r?)r7r()r+r specss r<build_instance_tagsr sL ::f  #D zz&%zz&)V $THj+A BE Lrh current_countcttjj}|j}|j dit ||jdxsd}|jdr|jd|z }||d<||d<t||t||}|r||d<t|}|r||d<t|}|||d <|jd r7tt|jd |jd  |d <|jdr|d|d<|jds|jds td|S)N) ClientTokencountrZ exact_countMinCountMaxCountNetworkInterfacesBlockDeviceMappingsTagSpecificationsrMrE)rDrB instance_type InstanceTyperz^At least one of 'instance_type' and 'launch_template' must be passed when launching instances.)ruuiduuid4hexr+rr r7rrrr=r rrOr) rOr>rrr+ri network_specs volume_specstag_specs r<build_run_instance_specr!sd JJL$$ D]]FDKK2)&12::g&+!L zz- zz-0=@ #D#DFL1&vv6M$1 !$V,L&2 "#"6*H$, !zz()%)+FMM%,@&**McBde&  !"zz/"%o6^ JJ '6::6G+H l   Krhidsdesired_module_state force_waitc |jjdds|sy|jryddddddddd}||vr|jd |d  ||}|j |} |j |d |jjd dd zdy#t jj$r>}dj|} |jt|d| d| Yd}~yd}~wt jj$r>}dj|} |jd| d|dt|Yd}~yd}~wwxYw)NwaitTinstance_existsinstance_status_okinstance_runninginstance_stoppedinstance_terminatedpresentstartedrunningstopped restartedrebooted terminatedabsentzCannot wait for state z, invalid staterb wait_timeoutX)Delay MaxAttempts) InstanceIds WaiterConfigz, z. Error waiting for instances z to reach state z Instances z took too long to reach state z. ) r+r7 check_moderf get_waiterr&botocore exceptionsWaiterConfigErrorjoinr WaiterErrorr) rOr>r"r#r$state_to_boto3_waiterboto3_waiter_typewaiterrU instance_idss r<await_instancesrG*s~ ==  VT *: %'%%)&+' #8856J5K?[\-.BC   0 1Fr %}}00EK      0 0 yy~ Q<. >|nL\]n\op       * *ryy~  j.LM^L__abklmbnaopqqrs$)3BE:4C33 E4E  Eskipc |g}g}|d}tdgd}d}|ddd||d d d ||d d d|g}|D]} |jj| j)| j|vr8 t ||| j }  | jd|jj| jk7st|d} | j|jj| j| | j<|j| |jjd} | sI|jjdr.|jdjds|jdg} | s7|jjds|jjdrt| xsgdkDst|ddkDr|jdnS t ||d} d}d}| ra| djd }| djd!}|s||jjd"ra|jjd"}nE|jjd"r|jjd"}nt||d#$}|xs8|jjdxs|jjd}|rZt||||%} d&Dcgc]}|d' }}t!|t!|k7r|jt||d(|jjd)}|;|jjdxsijd)}| t#|}|)|d*|k7r!|jt|dd|i+|S#t$r.} |j| d| j d|Yd} ~ {d} ~ wwxYw#t$r!} |j| d|Yd} ~ (d} ~ wwxYwcc}w),z!boto3 instance obj, module paramsNrG ParamMapper) param_key instance_keyattribute_name add_valuec d|iS)NValuer)r;s r< value_wrapperz/diff_instance_and_params..value_wrappercs |rhrr ebsOptimizedrrdisableApiTerminationrr instanceType)rN attributezCould not describe attribute rrbrP)rGrXrrrrrZrzQSkipping group modification because instance contains mutiple network interfaces.groupSetz3Could not describe attribute groupSet for instance rrtrurF)use_availability_zonerrGroupId)rrGsource_dest_checkSourceDestCheck)rGrZ)rr+r7rKrLrrMrrPrrNrrdrrrsetbool)rOr>r?rHchanges_to_applyid_rJrQparam_mappingsmappingvaluerU argumentsrXrtruginstance_groupsrYs r<diff_instance_and_paramsreVs=  | < C],hiK O^^]S,.EG^`mnO^^]SN"/ ==  W.. / 7    4 '  u/CSZSiSijE %% &w /6==3D3DWEVEV3W W#L1I/6.?.? @Q@QRYRcRc@d.eIg** +  # #I .!/$ **+?@ &--"3"3I">v}}U^G_GcGcdpGq$mmI67V]]../@AV]]EVEVWgEh !'R (1 ,H=P4Q0RUV0V KKk l i3FWab IF!.q155kB +A.228< V]]%6%6%G & 1 1/ BI""?3"MM--o> 3FFZ_` jv}}001BCjv}}GXGXYiGjF1&&[de9>x"IA1Y<"I"I'3v;6$++D8T`Ka,bc ))*=> #]]..y9?RDDEXY  ( $%6 7 $2C)DHY)Y #L1!(*; <   s u  *GH^H^G__mnqmr(s t t u&# i$$Q.abeaf,g$hh i(#Js68OP Q P"#P  P P=P88P=c|jjd}|yt|jd}t|t|zDcic]}||||k7r|||}}|sy|jdxs|jd|jdxs|jd|jdxs|jd|jdxs|jd|jdxs|jdd }d }|js t ||d fi||S|Scc}w#t $r$} |j| d |d  Yd} ~ |Sd} ~ wwxYw)NrFrrrrrr)rrrrrTrGzr?metadata_options_to_applyexisting_metadata_optionskeyr] request_argschangedrUs r< change_instance_metadata_optionsrls & 1 12D E ( 8FW9X Y01C8Q4RR  $S )-Fs-K K &s ++ '**=9i=V=Z=Z[h=i#3#7#78U#V$H $ ( ()F G(,,_=oAZA^A^_nAo,001EF? $ ( ()= > 0 4 45M N!C $ ( ()A B LG     ,VXl5K \| \ N7N90   UV^_kVlUmn !   N  sE0E E6E11E6c |jjdxs2|jjdxsijdxsgDcgc]}|jd}}|sytd|}|dDcgc]}|d }}t|t|z }|jset |D]W\} }|} | } t |tr&|jd} |jd xs| } | |vsE t|| |d | Yt|Scc}wcc}w#t$r&} |j| d | d |d Yd} ~ d} ~ wwxYw)a" Attach Network interfaces to the instance Parameters: client: AWS API client. module: The ansible AWS module. instance: A dictionnary describing the instance. Returns: A boolean set to True if changes have been done. rYrrrFcHt|tr|jdS|S)Nr)rrr7)xs r<z,change_network_attachments..s:a+>AEE$KArhrrrxrG)rwrGrzCould not attach interface z to instance rbN) r+r7mapr[r<rrrrrrPr\) rOr>r?rnew_enisnew_idsrpold_ids to_attachreni_idrxrUs r<change_network_attachmentsrws==$$%=> MM  i ( .B 3 3L A    H ExPG6>?R6STdt()TGTG s7|+I   !(+ HCFL#t$"ww~6=# " ,$0#+L#9+1  $  ??U"'((!r"rxsanitized_filtersr+ri instances reservations r<find_instancesrs #& JK ' 6C>>&);B3<!#++c3"78)0!#&  6 ?@QRSI)&;F;3 [123 rhc t|tddi}r|dSdS#t$r}|j|dYd}~*d}~wwxYw)N isDefaulttruerIzCould not describe default VPCrbr)rr*rrP)rOr>vpcsrUs r<get_default_vpcrs_FV-NP[]cOd-ef47$$ FQ$DEEFs# A AA vpcc  t|t|dddd}d}r0|t d|D}||vr||St |d }|d }|S#t$r#}|j|d|dYd}~]d}~wwxYw) Nr availabler)zvpc-idstatezdefault-for-azrIz+Could not describe default subnets for VPC rbc3*K|] }|d|f yw)rNr)r_subnets r<raz%get_default_subnet..7sYvv&896BYsc |dS)Nrr)ss r<rpz$get_default_subnet..=s a0B.Crhrir)rr*rrPrsorted) rOr>rrsubnetsrUresult subs_by_azby_azs r<get_default_subnetr$s b" 5!'l(&,  F  (YQXYYJ J.!"344w$CDq M bQ&QRUV]R^Q_$`aabsA BA<<Bct}d}|dvrt||||\}}}} |tt|z}|r |j d| t ||tdt |gt |g||D cgc] } t | c} }|S|dvrt|||d \}}}} |r |j d | t || |tt|z}t||||\}}}} |tt|z}|r |j d | t ||td t ||g|D cgc] } t | c} }|S|dvrt||||\}}}} |tt|z}|r |j d | t || tdt ||g|D cgc] } t | c} }|S|dvrxt||||\} } }} | r |j d| t | | tdt | tt| g|D cgc] } t | c} }|Scc} wcc} wcc} wcc} w)zB Sets return keys depending on the desired instance state F)r/r.)rxr#zUnable to start instances: )rcreboot_success reboot_failedzInstances started)rc start_success start_failedrrrkr)r1r2r0zUnable to stop instances: )rc stop_success stop_failedzUnable to restart instances: zInstances restarted)rcrrkrr)r0zInstances stopped)rcrrkrrr4r3zUnable to terminate instances: )rcterminate_successterminate_failedzInstances terminated)rcrrkrr)rchange_instance_stater\rdrfr}pretty_instance) rOr>r#rxresultsrk_changedfailedrfailure_reasonr`r3rs r<ensure_instance_staterBs  fGG556K FGBV7 3&)^ 4H &&    1.1AB#H~$   #x.>3<=aq)=  ~ Nk !: :7L  !* 7 3&)^    00@A!(^"   4H &&6K  !5 7 3&)^ 4H &&    3N3CD#H~$   %>3<=aq)=  f NY  -6K  !5 7 3&)^ 4H &&    00@A!(^"   #h3<=aq)=  8 N+ !9 9BW  !5 C ? $i    5n5EF"&z"2!1   &":.Z)3<=aq)=   No>R>.>*>s?I,I1I6I;c Rddddddddd}||t}t|||}tfd|D}t}d} |D]} dk(r| dd d k(rt||| d gdd n| dd dk(rt||| d gdd |jr|j | d jt || d g} |j | D cgc]} | d  c} dk(r| dd dk(rt||| d gdd n| dd dvr|j | d |jr|j | d t|| d g} |j | D cgc]} | d  c} dk(r| dd dvr|j | d [| dd d k(rt||| d gdd |jr|j | d t|| d g} |j | D cgc]} | d  c} |r$t||t|t|z|t||z }|rt||td|D}|||| fScc} wcc} wcc} w#t$r} t| } Yd} ~ Ud} ~ wwxYw)Nr/r0r3r,rxc3@K|]}|ddk7s|dyw)StaterCrGNr)r_r`desired_ec2_states r<raz(change_instance_state..s&b!G*V:LPa:aAlObs rrCstoppingrGTr#r$pending)rF)rr0)rr/)r"r#c3&K|] }|d yw)rGNrr^s r<raz(change_instance_state.. s;_PQAlO;_sr") r[rrGr<addr!rr rrrr})rOr>rxr#ec2_instance_statesrkr to_change unchangedrinstrespr`rU change_failedrs @r<rrs " ,,@AeGvvw?IbYbbIIN7$6 $ L0=(J6#l);(A,>? I-=(I5#l);(A,>? I-=(,BBMM$|"45=(J6#l);(A,>?k7$rDMDO,KbvwW,-M"66t;_U^;_7_` M9n <rrNrrxr#s r<modify_instance_typer sk  }G&&)W=FF IbfgfI+II).(:9&&*>Hrhc |js<|D]6}|jd} d|vrt|||||nt|fd|i|8yy#t$r*}|j |dt |dYd}~id}~wwxYw)NrGrrNzCould not apply change z to existing instance.rb)r<poprrrrPr)rOr>rrcrNrUs r<modify_ec2_instance_attributer/ s    fA%% -K f!Q&( QO-fS+SQRS  f # f$$Q.Ec!fXMc,d$ee fs"A  A= A88A=existing_matchesc d|jjd}|jjd}|jjd}|r|d}i}|jd|id}t} |D]} |t ||| d||z}|t ||| z}t ||| } t|||| | j| |t| z}|t||| |jjdz}|t||| z}t|||D cgc]} | d c} } t|| D cgc] } t| c} | D cgc]} | d c}  }t||||}|d xx|j!d dzcc<i||}|Scc} wcc} wcc} w) Nr  purge_tagsrFrCrG)r rrMr)rkrrFrrk)r+r7rr}rrlrerrr\rVrwrrrrr)rOr>rrrxr rrrk all_changesr?rr`alteredalter_config_result state_resultsrs r<handle_existingr< s ==  V $D""<0J ==  V $D  <JD VTN#G&K$ H?668L3IPTakll3FFHMM*668D%ffeWE7#4= 1&&(FMML]L]^tLuvv-ffhGG HVVK[1\a!L/1\]G/67!?1%7/67!a o7 *&&%IM "m&7&7 5&II" 5 5!4 5F M2]87s% F# F(  F- c |jjd}t|}||k(rf|dvrt|||||}nt ||||}|dr|St d|Dcgc] }t |c}|Dcgc]}|d c}|d|dS||krt||||| }nu||z } t|d }|D cgc]} | d } } | d | } t d | | d| }|js- t|| t||| dd t d d| | |}|js$t|||}t|||||}|dr|}|Scc}wcc}wcc} w#t$r} |j| dYd} ~ d} ~ wwxYw)NrrrkFrGz instances already z, nothing to do.)rkrrFrc)rr#rc |dS)N LaunchTimer)rs r<rpzenforce_count.. s T,EWrhrrTz?Would have terminated following instances if not in check mode )rkterminated_idsrFrczUnable to terminate instancesrbr3rz"Successfully terminated instances.)rkrcrrFrr)r+r7rdrrrrensure_presentrr<r!r"rfrGr)rOr>rr#rxrrrr` to_terminateroall_instance_ids terminate_idsrUupdated_resultss r< enforce_countrp s--##M2K()M # '? ?%ff6FH\^efG+FFrr#rr r instance_specrorFinstance_responserr`insrUrr all_instancess r<rr sv  !!&)/R 0D ==  V $D V +FFMJM  5EFAlOFLF)*"I  "I  &f> >!+.I-67AlO7L7FFLy]ab U V $ ./$( +663jR`Eab%ff6JGT U6FFAlOFU ==  V $ (-"  )"  FFLG[\vv<@I(94 $)3@Aaq)A   %3<=aq)=   GG 8 V  (T U U VG0B>s6* G+ G G G9G>*H  G6G11G6rc t|fi|S#td$r$tjdt|fi|cYSwxYw)Nz Invalid IAM Instance Profile ARN )run_ec2_instancesr$timesleep)rOrs r<rr sI: 9=99 '(J K: 2 9=99 :s /AArWct||}|s|jd|r|jjdnd}t ||||dS)a1 Read default subnet associated to the AWS account Parameters: client: AWS API client module: The Ansible AWS module use_availability_zone: Whether to use availability zone to find the default subnet. Returns: The default subnet id. z^No default subnet could be found - you must include a VPC subnet ID (vpc_subnet_id parameter).rbrNrz)rrfr+r7r)rOr>rW default_vpcrs r<rr s_"&&1K q  CX ))*=>]a ffk;L Mj YYrhci}|jjdxs.|jjdxsijd}|jjdr!|jjdg|d<|S|r*|Dcgc]}t|tr|dn|c}|d<|St |||d<|Scc}w)zz Create Network filters for the DescribeInstances API Returns: Dictionnary of network filters rYrrrz subnet-idrz&network-interface.network-interface-id)r+r7rrr)rOr>rxrYrs r<build_network_filtersr3 s G#]]../GHV]]M^M^_hMiMomoLtLtM}}) & 1 1/ BC  N CY= instance_state_namesrxrFname_tags r< build_filtersrH sHG==$$^4L, -#/.I]^, N+ L$ 'C ,=".G[\( N%}}  !23 NN0@ A ==  V $#)==#4#4V#<"=GJ  ]]  v &}}((044VTBH'/j # ==  Z (#)==#4#4Z#@"AGJ mm(.B 3 3D 9#)==#4#4Wb#A#E#Ed#K"LGJ  -AG) * Nrhctdvidtdgddtddd td d d td dtd dtdttd td td dtd dtd dtd dtddgdgttddtddtd td tdddtd d tdd!g"d#td d$tgd%d&d'td d(tdd)g"d*td d+tdd,g"d-tddd.tddd/td d0td%dttdd123d4td d5tdd6d7g8d9tdttd d1td d:d;gd<=d>tdd?d@g8dAtd dBtdttd td td td td td tdgdC8DdEtddFdGg8dHtd dItdddJtd dKtgd%d&dLtdddMtdd%d&dNtdttdOdPgdOQtd d:tdRdSgdRQtdPdOgdPQtdPdOgdPQTdUtd dVtd%dttdWtd dXY3dZtd%dttd ttd%d[ttd%dttdWtd \3ttddtd dXtd%d[] 3d^td }t|d$d'gd#d gddgddgdd gddKgd>dBgdAdBgdLdZgdLdVgd'dVgd$dVgg d_}t}|jjdLr|j d`dadbc|jdLjddrZ|jjd'r|j def|jjd$r|j dgf|jdLjd^,|jjd^|j dh|jjdAr|j didjdbc|jjd>r|j dkdjdbc|jjd}tjgdlm}|jdn|o}|jjd.}| t||} g}|rt|||p}|dqvr|rt||||}ntdrds}n|jjdrt|||||t}n\|rK|jjd s0|D]}t||t||t!|||||p}nt#||||u}|j,dvi|y#t$$rY} | j&r'|j)| j&| j*f|j | j*fYd} ~ pd} ~ wwxYw)wNrr-r,)defaultchoicesr&Tr\)rtyper6r7r8r)rrrrr)rrr)roptionsrrrrtower_callback)rF)rrrFF)rr)rno_log)rrrrr)raliases required_ifrrrrt)rrrrr})rrelementsrrM instance_rolerr  resource_tagsrrxrr)rrequired)r)rrrrrstandard unlimited)rrrrZ)rrr)rrr dedicatedrrr)rrhost)rrrrrrrrstop terminaterrrrFrr.renableddisabled)rroptionalr)rrrrrrrY)rr)rrxrX)rr)rmrl) r\rmrnrrkrtrrxrurY) argument_specmutually_exclusivesupports_check_modezoThe network parameter has been deprecated, please use network_interfaces and/or network_interfaces_ids instead.z 2026-12-01z amazon.aws)datecollection_namerz>Parameter network.interfaces can't be used with security_grouprbz?Parameter network.interfaces can't be used with security_groupsz^the source_dest_check option has been set therefore network.source_dest_check will be ignored.z[The placement_group parameter has been deprecated, please use placement.group_name instead.z 2025-12-01zPThe tenancy parameter has been deprecated, please use placement.tenancy instead.)IncorrectStateInsuffienctInstanceCapacityzInvalidInstanceID.NotFound)catch_extra_error_codesec2)retry_decoratorr)r3r4zNo matching instances found)rcrk)r#rx)rr#r)rr%r+r7 deprecaterfrr&jittered_backoffrOrrrrrrrrr exceptionrPmessage exit_json) rr>rrr rOrxrmatchrUs r<mainrg s/Bq B $V , B #E2 BBe$BU#%(' B"5!#B$&%B&E"'B(%&  &%8!uT:". $% 0 $% =  )BV'WBX }=YBZE*[B\RfuE]B^'_B`"u6GHaBbu cBdv'8 9eBfVT2gBh&$/iBj&)kBl $*.ED*I mBz5!{B|"&5:{:S!T}B~UT:!%51a&4!P BL%+y)ABMBN%(OBP5)"&E"2U+%((,%(8!%5!1%1QR  QBh.2uv{F[-\iBj $0kBl!fe ImportErroransible.module_utils._textr 0ansible.module_utils.common.dict_transformationsr r ansible.module_utils.sixr7ansible_collections.amazon.aws.plugins.module_utils.ec2rrrrrrrrrrrrrrrrrrr r!>ansible_collections.amazon.aws.plugins.module_utils.exceptionsr"r#r$;ansible_collections.amazon.aws.plugins.module_utils.modulesr%;ansible_collections.amazon.aws.plugins.module_utils.retriesr&;ansible_collections.amazon.aws.plugins.module_utils.taggingr'r(9ansible_collections.amazon.aws.plugins.module_utils.towerr)Bansible_collections.amazon.aws.plugins.module_utils.transformationr*rr=r\rVrgr8rrrrrrrrr r r!rGrerlrwrrrrrrrrrrrrrrr__name__rrhr<r'sXM ^J XE N "  1UU1Sb\n_\VTQ_Si]dlfSRWZdgXPf`[pQd38nQd38n1EQ$/$/04S#X/VY/ /d v&6 v4 v$4CD>5 5CH~5} 5 U49c>* + 5  #s(^ 5p-'7-Dc3h)^b)Zlp$+3DI+>PXY]^acf^fYgPh $sCx..%$4%$sCx.9Q%NR$+/S> d38n CDU=p I I I I #tCH~% & I  I0 f2B f3 fY]^bcfhkck^lYm frv f1 14S>*1  1 d38n % 1  #s(^ 1hH H4S>*H H d38n % H  #s(^ H`$( X X tDcN34X  X C= X  #s(^ X v:4S>:d38n:Z,<ZUYZehZ&*:tCcN?S*"2tCH~>fR zFu0  sN..N76N7