VhN\dZdZdZddlZ ddlZddlmZddlmZddl m Z ddl m Z dd l mZdd lmZdd lmZdd lmZdd lmZddlmZGddeZdZdZdZdZdZdZdZdZ ejBdZ"dZ#dZ$dZ%dZ&dZ'e(dk(re'yy#e$rYwxYw) aK --- module: ssm_parameter version_added: 1.0.0 short_description: Manage key-value pairs in AWS Systems Manager Parameter Store description: - Manage key-value pairs in AWS Systems Manager (SSM) Parameter Store. - Prior to release 5.0.0 this module was called C(community.aws.aws_ssm_parameter_store). The usage did not change. options: name: description: - Parameter key name. required: true type: str description: description: - Parameter key description. required: false type: str value: description: - Parameter value. required: false type: str state: description: - Creates or modifies an existing parameter. - Deletes a parameter. required: false choices: ['present', 'absent'] default: present type: str string_type: description: - Parameter String type. required: false choices: ['String', 'StringList', 'SecureString'] default: String type: str aliases: ['type'] decryption: description: - Work with SecureString type to get plain text secrets type: bool required: false default: true key_id: description: - AWS KMS key to decrypt the secrets. - The default key (C(alias/aws/ssm)) is automatically generated the first time it's requested. required: false default: alias/aws/ssm type: str overwrite_value: description: - Option to overwrite an existing value if it already exists. required: false choices: ['never', 'changed', 'always'] default: changed type: str tier: description: - Parameter store tier type. required: false choices: ['Standard', 'Advanced', 'Intelligent-Tiering'] default: Standard type: str version_added: 1.5.0 seealso: - ref: amazon.aws.aws_ssm lookup description: The documentation for the C(amazon.aws.aws_ssm) lookup plugin. author: - "Davinder Pal (@116davinder) " - "Nathan Webster (@nathanwebsterdotme)" - "Bill Wang (@ozbillwang) " - "Michael De La Rue (@mikedlr)" notes: - Support for I(tags) and I(purge_tags) was added in release 5.3.0. extends_documentation_fragment: - amazon.aws.common.modules - amazon.aws.region.modules - amazon.aws.tags - amazon.aws.boto3 a - name: Create or update key/value pair in AWS SSM parameter store community.aws.ssm_parameter: name: "Hello" description: "This is your first key" value: "World" - name: Delete the key community.aws.ssm_parameter: name: "Hello" state: absent - name: Create or update secure key/value pair with default KMS key (aws/ssm) community.aws.ssm_parameter: name: "Hello" description: "This is your first key" string_type: "SecureString" value: "World" - name: Create or update secure key/value pair with nominated KMS key community.aws.ssm_parameter: name: "Hello" description: "This is your first key" string_type: "SecureString" key_id: "alias/demo" value: "World" - name: Always update a parameter store value and create a new version community.aws.ssm_parameter: name: "overwrite_example" description: "This example will always overwrite the value" string_type: "String" value: "Test1234" overwrite_value: "always" - name: Create or update key/value pair in AWS SSM parameter store with tier community.aws.ssm_parameter: name: "Hello" description: "This is your first key" value: "World" tier: "Advanced" - name: recommend to use with aws_ssm lookup plugin ansible.builtin.debug: msg: "{{ lookup('amazon.aws.aws_ssm', 'Hello') }}" - name: Create or update key/value pair in AWS SSM parameter store w/ tags community.aws.ssm_parameter: name: "Hello" description: "This is your first key" value: "World" tags: Environment: "dev" Version: "1.0" Confidentiality: "low" Tag With Space: "foo bar" - name: Add or update a tag on an existing parameter w/o removing existing tags community.aws.ssm_parameter: name: "Hello" purge_tags: false tags: Contact: "person1" - name: Delete all tags on an existing parameter community.aws.ssm_parameter: name: "Hello" tags: {} a5 parameter_metadata: type: dict description: - Information about a parameter. - Does not include the value of the parameter as this can be sensitive information. returned: success contains: data_type: type: str description: Parameter Data type. example: text returned: success description: type: str description: Parameter key description. example: This is your first key returned: success last_modified_date: type: str description: Time and date that the parameter was last modified. example: '2022-06-20T09:56:58.573000+00:00' returned: success last_modified_user: type: str description: ARN of the last user to modify the parameter. example: 'arn:aws:sts::123456789012:assumed-role/example-role/session=example' returned: success name: type: str description: Parameter key name. example: Hello returned: success policies: type: list description: A list of policies associated with a parameter. elements: dict returned: success contains: policy_text: type: str description: The JSON text of the policy. returned: success policy_type: type: str description: The type of policy. example: Expiration returned: success policy_status: type: str description: The status of the policy. example: Pending returned: success tier: type: str description: Parameter tier. example: Standard returned: success type: type: str description: Parameter type example: String returned: success version: type: int description: Parameter version number example: 3 returned: success tags: description: A dictionary representing the tags associated with the parameter. type: dict returned: when the parameter has tags example: {'MyTagName': 'Some Value'} version_added: 5.3.0 N) BotoCoreError) ClientError)camel_dict_to_snake_dict)is_boto3_error_code)AWSRetry)ansible_dict_to_boto3_tag_list)boto3_tag_list_to_ansible_dict)compare_aws_tags)BaseWaiterFactory)AnsibleCommunityAWSModulec2eZdZfdZefdZxZS)ParameterWaiterFactorycP|jd}tt|||y)Nssm)clientsuperr__init__)selfmoduler __class__s o/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/aws/plugins/modules/ssm_parameter.pyrzParameterWaiterFactory.__init__ s#u% $d4VVDc8tt| }ttdddtdddtddd d td dd d gtdddtddd d td dd d td ddg}|j ||S)NDescribeParametersretryerrorParameterNotFound)statematcherexpectedpathTz length(Parameters[].Name) == `0`)r r!r"argumentsuccesszlength(Parameters[].Name) > `0`) operationdelay maxAttempts acceptorszlength(Parameters[]) == `0`)parameter_existsparameter_deleted)rr_waiter_model_datadictupdate)rdatassm_datars rr,z)ParameterWaiterFactory._waiter_model_datas+TE!.wBUVwPrsy&4Rst #.wPqry&4Ropy'DWX  , H r)__name__ __module__ __qualname__rpropertyr, __classcell__)rs@rrr sErrc|jryt|}|jd} |jd|gdgy#tj j $r|jdYytj jtj jf$r}|j|dYd}~yd}~wwxYw)Nr*NameKeyValuesParameterFilters&Timeout waiting for parameter to existz7Failed to describe parameter while waiting for creationmsg check_moder get_waiterwaitbotocore exceptions WaiterErrorwarnrr fail_json_awsrrnamewfwaiteres r _wait_existsrN+s   'B ]]- .F_ &,?@      * *> <=    + +X-@-@-N-N O_Q$]^^_A.C36C)CCcp|jrytddD]C} t||d|gdg}|jdd|kDry tjdEy#tj j tj jf$r}|j|d Yd}~gd}~wwxYw) Nr r7r8r;Versionrz5Failed to describe parameter while waiting for updater>) rArangedescribe_parametergetrDrErrrHtimesleep)rrrJversionx parameterrMs r _wait_updatedr[:s  1b\ a*66U[hlgmMnLopI}}Y*W45 1  ##//1D1D1R1RS a  (_ ` ` as(A!!7B5B00B5c|jryt|}|jd} |jd|gdgy#tj j $r|jdYytj jtj jf$r}|j|dYd}~yd}~wwxYw)Nr+r7r8r;r=z7Failed to describe parameter while waiting for deletionr>r@rIs r _wait_deletedr]Hs   'B ]]. /F_ &,?@      * *> <=    + +X-@-@-N-N O_Q$]^^_rOc |jdd||S#ttf$r}|j|dYd}~yd}~wwxYw)NT Parameter) aws_retry ResourceType ResourceIdTagsz!Failed to add tag(s) to parameterr>)add_tags_to_resourcerrrH)rrparameter_nametagsrMs r tag_parameterrgWsZI**VZ+   ; 'IQ$GHHIA>Ac |jdd||S#ttf$r}|j|dYd}~yd}~wwxYw)NTr_)r`rarbTagKeysz&Failed to remove tag(s) from parameterr>)remove_tags_from_resourcerrrH)rrretag_keysrMs runtag_parameterrm`sZN//Ya0   ; 'NQ$LMMNrhc |jdd|d}t|}|S#ttf$r}|j |dYd}~yd}~wwxYw)NTr_)r`rarbTagListz!Unable to retrieve parameter tagsr>)list_tags_for_resourcer rrrH)rrrerf tags_dictrMs rget_parameter_tagsrrishI,,t+bp,q  348  ; 'IQ$GHHIs#&AA  Ac$d}i}|d|fSt|||}t|||jjd\}}|r)|jrd|fSt |||t |}d}|r |jrd|fSt||||}d}||fS)NF purge_tagsT)rrr paramsrUrArgrrm) rrre supplied_tagschangedresponse current_tags tags_to_addtags_to_removes rupdate_parameter_tagsr|tsGHh%ffnEL"2<PVP]P]PaPabnPo"pK   > ! A_`kAlm   > !"66>>R H rc d}i}|jrd|fS |jdddi|}d}||fS#tjjtjj f$r }|j |dYd}~||fSd}~wwxYw)NFTr`setting parameterr>)rA put_parameterrDrErrrH)rrargsrwrxexcs rupdate_parameterrsGH X~;'6''?$?$? H     + +X-@-@-N-N O;S&9:: H ;s07B'BBc |jd}|jdi|j}|dsyt|||jj d}||ddd<|ddS)Ndescribe_parameters ParametersrJrrfr) get_paginatorpaginatebuild_full_resultrrrurU)rrr paginatorexisting_parameterrqs rrTrTs$$%:;I+++3d3EEG l +"666==3D3DV3LMI2;|$Q'/ l +A ..rcd}d}i}t|jjd|jjd|jjd}|jjddvr|jd n|jd |jjd +|j|jjd  |jjd r+|j|jjd  |jjddk(r+|j|jjd |j d|dd}|ry|dd}d|vr |dd|d<|jjddk(rt||fi|\}}n|jjddk(r|dd|dk7rt||fi|\}}nn|dd|dk7rt||fi|\}}nO|jdr> t||d|dgdg}jd|dk7rt||fi|\}}|r't|||jjd||jjddk7r=t|||dd|jjd \} } |xs| }| r| |d!<||fS|jjd rF|jt|jjd "|jd t||fi|\}}t|||jjd||fS#t j j$rY7t j j$r}|j|dYd}~ld}~wwxYw#t j jt j jf$r}|j|dYd}~d}~wwxYw)#NFrJ string_typetier)r7TypeTieroverwrite_value)alwaysrwT) Overwritevalue)Value description) Description SecureStringkey_id)KeyIdr7r`r7WithDecryptionzfetching parameterr>r_rRrrrwrrr8r;zgetting description valueneverrf tag_updates)rc)r-rurUr. get_parameterrDrErrrHrrTr[r|rrN) rrrwrrxrrMoriginal_versiondescribe_existing_parameter tags_changed tags_responses rcreate_update_parameterrsGH V]]&&v.V]]5F5F}5U\b\i\i\m\mnt\u vD }}*+/DD d # e $ }}!- &--++G4 5 }}'  1 1- @ A }}'>9 &--++H5 6:#11DtF|dh1i -k:9E $ .{;GDDM ==  . /8 ;"266"JT"J Wh ]]  0 1Y >!+.v6$v,F&6vv&N&N#(#K09T']J&6vv&N&N#(-(M2D&UYZ`UaTb:c9d3/ /22=AT-EXX*:66*RT*R'Wh  &&&--*;*;F*CEU V ==  . /7 :*? 2; ? GIZIZ[aIb+ 'L--G*7' H  ==  V $ KK;FMM? H o    * *     , ,:Q$899:0!++779L9L9Z9Z[M((0K(LLMs68N&P&PP"O;;P7Q:QQci} |jd|jjdd}sdifS|jrdifS |jd|jjd}t|||jjdd|fS#td$rdifcYStj j $rd}Ytj j$r}|j|dYd}~d}~wwxYw#td$rdifcYStj j tj jf$r}|j|d Yd}~d}~wwxYw) NTrJrrFr~r>)r`r7zdeleting parameter) rrurUrrDrErrrHrAdelete_parameterr])rrrxrrMs rrrspH9#11Dv}}GXGXY_G`qu1v by Rx:**T @Q@QRX@Y*Z&&&--"3"3F";< >3 2 3by    * *"!    , ,9Q$7889 2 3by'')) : Q$899 :sA-B,DD 2D D .DD E5"6E5E00E5cTtj}|jd|}|S)Nr)retry_decorator)rjittered_backoffr)rr connections r setup_clientrs(//1OuoFJ rcFttdttddtdddgtdgd d g tdd tdtdgdtdgdtddgtd d }t|dS)NT)requiredF)rno_logpresentabsent)defaultchoicesString)r StringListrtype)rraliasesbool)rrz alias/aws/ssm)rrw)rrwrStandard)rAdvancedzIntelligent-Tieringr- resource_tags)rr)rr) rJrrr r decryptionrrrrfrt) argument_specsupports_check_mode)r-AnsibleAWSModule)rs rsetup_module_objectr!s 4 FE$/9y(.CD3[flemn62O,Y8VW *.] ^ v'8 9VT2 M #  rc t}|jjd}t|}tt d}||||\}}d|i} t ||d|jjdgdg}rt|d g |d<|jdd|i|y#td$rd ifcYStjjtjjf$r}|j|d Yd}~d}~wwxYw)Nr )rrrxr7rJr8r;rFzto describe parameterr>rf) ignore_listparameter_metadatarwr)rrurUrrrrTrrDrErrrHr exit_json) rr r invocationsrwrxresultrrMs rmainr6s "F MM  g &E & !F+"K-+e,VV<Wh( #F=/ FfIZIZ[aIbHc.d-e '?@Rag`h'i#$F/W// 2 3by    + +X-@-@-N-N O=Q$;<<=s,B&&D :6D 0DD __main__)) DOCUMENTATIONEXAMPLESRETURNrVrDbotocore.exceptionsrr ImportError0ansible.module_utils.common.dict_transformationsransible_collections.community.aws.plugins.module_utils.modulesr rrrNr[r]rgrmrrr|rrrTrrrrrr1rrrrsX tD LK Z  1/V\PffXYx.D _  _INI0  / /NbB *06 zFo   sB##B+*B+