diff --git a/README.md b/README.md
index 8a977561530..d9aa702a0d7 100644
--- a/README.md
+++ b/README.md
@@ -56,10 +56,6 @@ Name | Description
[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ssm_parameter_store_module.rst)|Manage key-value pairs in AWS SSM parameter store
[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_step_functions_state_machine_module.rst)|Manage AWS Step Functions state machines
[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_step_functions_state_machine_execution_module.rst)|Start or stop execution of an AWS Step Functions state machine.
-[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_condition_module.rst)|Create and delete WAF Conditions
-[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_info_module.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters.
-[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_rule_module.rst)|Create and delete WAF Rules
-[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_web_acl_module.rst)|Create and delete WAF Web ACLs
[community.aws.batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.batch_compute_environment_module.rst)|Manage AWS Batch Compute Environments
[community.aws.batch_job_definition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.batch_job_definition_module.rst)|Manage AWS Batch Job Definitions
[community.aws.batch_job_queue](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.batch_job_queue_module.rst)|Manage AWS Batch Job Queues
@@ -217,6 +213,10 @@ Name | Description
[community.aws.storagegateway_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.storagegateway_info_module.rst)|Fetch AWS Storage Gateway information
[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_assume_role_module.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials
[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_session_token_module.rst)|Obtain a session token from the AWS Security Token Service
+[community.aws.waf_condition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.waf_condition_module.rst)|Create and delete WAF Conditions
+[community.aws.waf_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.waf_info_module.rst)|Retrieve information for WAF ACLs, Rules, Conditions and Filters
+[community.aws.waf_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.waf_rule_module.rst)|Create and delete WAF Rules
+[community.aws.waf_web_acl](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.waf_web_acl_module.rst)|Create and delete WAF Web ACLs
[community.aws.wafv2_ip_set](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.wafv2_ip_set_module.rst)|wafv2_ip_set
[community.aws.wafv2_ip_set_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.wafv2_ip_set_info_module.rst)|Get information about wafv2 ip sets
[community.aws.wafv2_resources](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.wafv2_resources_module.rst)|wafv2_web_acl
diff --git a/changelogs/fragments/1299-waf-renames.yml b/changelogs/fragments/1299-waf-renames.yml
new file mode 100644
index 00000000000..a54c9956aac
--- /dev/null
+++ b/changelogs/fragments/1299-waf-renames.yml
@@ -0,0 +1,5 @@
+minor_changes:
+- aws_waf_condition - the ``aws_waf_condition`` module has been renamed to ``waf_condition``, ``aws_waf_condition`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299).
+- aws_waf_info - the ``aws_waf_info`` module has been renamed to ``waf_info``, ``aws_waf_info`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299).
+- aws_waf_rule - the ``aws_waf_rule`` module has been renamed to ``waf_rule``, ``aws_waf_rule`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299).
+- aws_waf_web_acl - the ``aws_waf_web_acl`` module has been renamed to ``waf_web_acl``, ``aws_waf_web_acl`` remains as an alias (https://github.com/ansible-collections/community.aws/pull/1299).
diff --git a/docs/community.aws.aws_waf_condition_module.rst b/docs/community.aws.waf_condition_module.rst
similarity index 99%
rename from docs/community.aws.aws_waf_condition_module.rst
rename to docs/community.aws.waf_condition_module.rst
index 2d48e0f263d..275813ab4f1 100644
--- a/docs/community.aws.aws_waf_condition_module.rst
+++ b/docs/community.aws.waf_condition_module.rst
@@ -1,9 +1,9 @@
-.. _community.aws.aws_waf_condition_module:
+.. _community.aws.waf_condition_module:
-*******************************
-community.aws.aws_waf_condition
-*******************************
+***************************
+community.aws.waf_condition
+***************************
**Create and delete WAF Conditions**
@@ -18,6 +18,7 @@ Version added: 1.0.0
Synopsis
--------
- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/
+- Prior to release 5.0.0 this module was called ``community.aws.aws_waf_condition``. The usage did not change.
@@ -569,7 +570,7 @@ Parameters
|
- Whether to use waf-regional module.
+ Whether to use waf-regional module.
|
@@ -592,7 +593,7 @@ Examples
.. code-block:: yaml
- name: create WAF byte condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_byte_condition
filters:
- field_to_match: header
@@ -602,7 +603,7 @@ Examples
type: byte
- name: create WAF geo condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_geo_condition
filters:
- country: US
@@ -611,7 +612,7 @@ Examples
type: geo
- name: create IP address condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "10.0.0.0/8"
@@ -619,7 +620,7 @@ Examples
type: ip
- name: create WAF regex condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_regex_condition
filters:
- field_to_match: query_string
@@ -632,7 +633,7 @@ Examples
type: regex
- name: create WAF size condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_size_condition
filters:
- field_to_match: query_string
@@ -641,7 +642,7 @@ Examples
type: size
- name: create WAF sql injection condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_sql_condition
filters:
- field_to_match: query_string
@@ -649,7 +650,7 @@ Examples
type: sql
- name: create WAF xss condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_xss_condition
filters:
- field_to_match: query_string
diff --git a/docs/community.aws.aws_waf_info_module.rst b/docs/community.aws.waf_info_module.rst
similarity index 97%
rename from docs/community.aws.aws_waf_info_module.rst
rename to docs/community.aws.waf_info_module.rst
index f57c90518fc..d2d9cb7a006 100644
--- a/docs/community.aws.aws_waf_info_module.rst
+++ b/docs/community.aws.waf_info_module.rst
@@ -1,11 +1,11 @@
-.. _community.aws.aws_waf_info_module:
+.. _community.aws.waf_info_module:
-**************************
-community.aws.aws_waf_info
-**************************
+**********************
+community.aws.waf_info
+**********************
-**Retrieve information for WAF ACLs, Rule , Conditions and Filters.**
+**Retrieve information for WAF ACLs, Rules, Conditions and Filters**
Version added: 1.0.0
@@ -17,7 +17,8 @@ Version added: 1.0.0
Synopsis
--------
-- Retrieve information for WAF ACLs, Rule , Conditions and Filters.
+- Retrieve information for WAF ACLs, Rules, Conditions and Filters.
+- Prior to release 5.0.0 this module was called ``community.aws.aws_waf_info``. The usage did not change.
@@ -242,7 +243,7 @@ Parameters
- Whether to use the waf-regional module.
+ Whether to use the waf-regional module.
|
@@ -265,14 +266,14 @@ Examples
.. code-block:: yaml
- name: obtain all WAF information
- community.aws.aws_waf_info:
+ community.aws.waf_info:
- name: obtain all information for a single WAF
- community.aws.aws_waf_info:
+ community.aws.waf_info:
name: test_waf
- name: obtain all information for a single WAF Regional
- community.aws.aws_waf_info:
+ community.aws.waf_info:
name: test_waf
waf_regional: true
diff --git a/docs/community.aws.aws_waf_rule_module.rst b/docs/community.aws.waf_rule_module.rst
similarity index 98%
rename from docs/community.aws.aws_waf_rule_module.rst
rename to docs/community.aws.waf_rule_module.rst
index 2c5f330748a..febdf55b173 100644
--- a/docs/community.aws.aws_waf_rule_module.rst
+++ b/docs/community.aws.waf_rule_module.rst
@@ -1,9 +1,9 @@
-.. _community.aws.aws_waf_rule_module:
+.. _community.aws.waf_rule_module:
-**************************
-community.aws.aws_waf_rule
-**************************
+**********************
+community.aws.waf_rule
+**********************
**Create and delete WAF Rules**
@@ -18,6 +18,7 @@ Version added: 1.0.0
Synopsis
--------
- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/.
+- Prior to release 5.0.0 this module was called ``community.aws.aws_waf_rule``. The usage did not change.
@@ -120,7 +121,7 @@ Parameters
|
- List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
+ List of conditions used in the rule. community.aws.waf_condition can be used to create new conditions.
|
@@ -235,7 +236,7 @@ Parameters
|
A friendly name or description for the metrics for the rule.
- The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
+ The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name may not contain whitespace.
You can't change metric_name after you create the rule.
Defaults to the same as name with disallowed characters removed.
|
@@ -379,7 +380,7 @@ Parameters
- Whether to use waf-regional module.
+ Whether to use waf-regional module.
|
@@ -402,7 +403,7 @@ Examples
.. code-block:: yaml
- name: create WAF rule
- community.aws.aws_waf_rule:
+ community.aws.waf_rule:
name: my_waf_rule
conditions:
- name: my_regex_condition
@@ -416,7 +417,7 @@ Examples
negated: yes
- name: remove WAF rule
- community.aws.aws_waf_rule:
+ community.aws.waf_rule:
name: "my_waf_rule"
state: absent
diff --git a/docs/community.aws.aws_waf_web_acl_module.rst b/docs/community.aws.waf_web_acl_module.rst
similarity index 98%
rename from docs/community.aws.aws_waf_web_acl_module.rst
rename to docs/community.aws.waf_web_acl_module.rst
index 5587bc008d4..54da02531f6 100644
--- a/docs/community.aws.aws_waf_web_acl_module.rst
+++ b/docs/community.aws.waf_web_acl_module.rst
@@ -1,9 +1,9 @@
-.. _community.aws.aws_waf_web_acl_module:
+.. _community.aws.waf_web_acl_module:
-*****************************
-community.aws.aws_waf_web_acl
-*****************************
+*************************
+community.aws.waf_web_acl
+*************************
**Create and delete WAF Web ACLs**
@@ -19,6 +19,7 @@ Synopsis
--------
- Module for WAF classic, for WAF v2 use the *wafv2_** modules.
- Read the AWS documentation for WAF https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html.
+- Prior to release 5.0.0 this module was called ``community.aws.aws_waf_web_acl``. The usage did not change.
@@ -408,7 +409,7 @@ Parameters
- Whether to use waf-regional module.
+ Whether to use waf-regional module.
|
@@ -431,7 +432,7 @@ Examples
.. code-block:: yaml
- name: create web ACL
- community.aws.aws_waf_web_acl:
+ community.aws.waf_web_acl:
name: my_web_acl
rules:
- name: my_rule
@@ -442,7 +443,7 @@ Examples
state: present
- name: delete the web acl
- community.aws.aws_waf_web_acl:
+ community.aws.waf_web_acl:
name: my_web_acl
state: absent
diff --git a/meta/runtime.yml b/meta/runtime.yml
index bb62596a1ef..81525370404 100644
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -212,6 +212,10 @@ action_groups:
- sts_assume_role
- sts_session_token
- storagegateway_info
+ - waf_condition
+ - waf_info
+ - waf_rule
+ - waf_web_acl
- wafv2_ip_set
- wafv2_ip_set_info
- wafv2_resources
@@ -285,6 +289,18 @@ plugin_routing:
aws_sgw_info:
# Deprecation for this alias should not *start* prior to 2024-09-01
redirect: community.aws.storagegateway_info
+ aws_waf_condition:
+ # Deprecation for this alias should not *start* prior to 2024-09-01
+ redirect: community.aws.waf_condition
+ aws_waf_info:
+ # Deprecation for this alias should not *start* prior to 2024-09-01
+ redirect: community.aws.waf_info
+ aws_waf_rule:
+ # Deprecation for this alias should not *start* prior to 2024-09-01
+ redirect: community.aws.waf_rule
+ aws_waf_web_acl:
+ # Deprecation for this alias should not *start* prior to 2024-09-01
+ redirect: community.aws.waf_web_acl
ec2_elb:
redirect: community.aws.elb_instance
ec2_instance:
diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/waf_condition.py
similarity index 84%
rename from plugins/modules/aws_waf_condition.py
rename to plugins/modules/waf_condition.py
index 77f66f9f767..b948ec9a81f 100644
--- a/plugins/modules/aws_waf_condition.py
+++ b/plugins/modules/waf_condition.py
@@ -8,138 +8,139 @@
DOCUMENTATION = r'''
-module: aws_waf_condition
+module: waf_condition
short_description: Create and delete WAF Conditions
version_added: 1.0.0
description:
- Read the AWS documentation for WAF
U(https://aws.amazon.com/documentation/waf/)
+ - Prior to release 5.0.0 this module was called C(community.aws.aws_waf_condition).
+ The usage did not change.
author:
- Will Thames (@willthames)
- Mike Mochan (@mmochan)
extends_documentation_fragment:
-- amazon.aws.aws
-- amazon.aws.ec2
+ - amazon.aws.aws
+ - amazon.aws.ec2
options:
- name:
- description: Name of the Web Application Firewall condition to manage.
- required: true
- type: str
- type:
- description: The type of matching to perform.
- choices:
- - byte
- - geo
- - ip
- - regex
- - size
- - sql
- - xss
- type: str
- required: true
- filters:
- description:
- - A list of the filters against which to match.
- - For I(type=byte), valid keys are I(field_to_match), I(position), I(header), I(transformation) and I(target_string).
- - For I(type=geo), the only valid key is I(country).
- - For I(type=ip), the only valid key is I(ip_address).
- - For I(type=regex), valid keys are I(field_to_match), I(transformation) and I(regex_pattern).
- - For I(type=size), valid keys are I(field_to_match), I(transformation), I(comparison) and I(size).
- - For I(type=sql), valid keys are I(field_to_match) and I(transformation).
- - For I(type=xss), valid keys are I(field_to_match) and I(transformation).
- - Required when I(state=present).
- type: list
- elements: dict
- suboptions:
- field_to_match:
- description:
- - The field upon which to perform the match.
- - Valid when I(type=byte), I(type=regex), I(type=sql) or I(type=xss).
- type: str
- choices: ['uri', 'query_string', 'header', 'method', 'body']
- position:
- description:
- - Where in the field the match needs to occur.
- - Only valid when I(type=byte).
- type: str
- choices: ['exactly', 'starts_with', 'ends_with', 'contains', 'contains_word']
- header:
- description:
- - Which specific header should be matched.
- - Required when I(field_to_match=header).
- - Valid when I(type=byte).
- type: str
- transformation:
- description:
- - A transform to apply on the field prior to performing the match.
- - Valid when I(type=byte), I(type=regex), I(type=sql) or I(type=xss).
- type: str
- choices: ['none', 'compress_white_space', 'html_entity_decode', 'lowercase', 'cmd_line', 'url_decode']
- country:
- description:
- - Value of geo constraint (typically a two letter country code).
- - The only valid key when I(type=geo).
- type: str
- ip_address:
- description:
- - An IP Address or CIDR to match.
- - The only valid key when I(type=ip).
- type: str
- regex_pattern:
- description:
- - A dict describing the regular expressions used to perform the match.
- - Only valid when I(type=regex).
- type: dict
- suboptions:
- name:
- description: A name to describe the set of patterns.
- type: str
- regex_strings:
- description: A list of regular expressions to match.
- type: list
- elements: str
- comparison:
- description:
- - What type of comparison to perform.
- - Only valid key when I(type=size).
- type: str
- choices: ['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']
- size:
- description:
- - The size of the field (in bytes).
- - Only valid key when I(type=size).
- type: int
- target_string:
- description:
- - The string to search for.
- - May be up to 50 bytes.
- - Valid when I(type=byte).
- type: str
- purge_filters:
- description:
- - Whether to remove existing filters from a condition if not passed in I(filters).
- default: false
- type: bool
- waf_regional:
- description: Whether to use waf-regional module.
- default: false
- required: no
- type: bool
- state:
- description: Whether the condition should be C(present) or C(absent).
- choices:
- - present
- - absent
- default: present
- type: str
-
+ name:
+ description: Name of the Web Application Firewall condition to manage.
+ required: true
+ type: str
+ type:
+ description: The type of matching to perform.
+ choices:
+ - byte
+ - geo
+ - ip
+ - regex
+ - size
+ - sql
+ - xss
+ type: str
+ required: true
+ filters:
+ description:
+ - A list of the filters against which to match.
+ - For I(type=byte), valid keys are I(field_to_match), I(position), I(header), I(transformation) and I(target_string).
+ - For I(type=geo), the only valid key is I(country).
+ - For I(type=ip), the only valid key is I(ip_address).
+ - For I(type=regex), valid keys are I(field_to_match), I(transformation) and I(regex_pattern).
+ - For I(type=size), valid keys are I(field_to_match), I(transformation), I(comparison) and I(size).
+ - For I(type=sql), valid keys are I(field_to_match) and I(transformation).
+ - For I(type=xss), valid keys are I(field_to_match) and I(transformation).
+ - Required when I(state=present).
+ type: list
+ elements: dict
+ suboptions:
+ field_to_match:
+ description:
+ - The field upon which to perform the match.
+ - Valid when I(type=byte), I(type=regex), I(type=sql) or I(type=xss).
+ type: str
+ choices: ['uri', 'query_string', 'header', 'method', 'body']
+ position:
+ description:
+ - Where in the field the match needs to occur.
+ - Only valid when I(type=byte).
+ type: str
+ choices: ['exactly', 'starts_with', 'ends_with', 'contains', 'contains_word']
+ header:
+ description:
+ - Which specific header should be matched.
+ - Required when I(field_to_match=header).
+ - Valid when I(type=byte).
+ type: str
+ transformation:
+ description:
+ - A transform to apply on the field prior to performing the match.
+ - Valid when I(type=byte), I(type=regex), I(type=sql) or I(type=xss).
+ type: str
+ choices: ['none', 'compress_white_space', 'html_entity_decode', 'lowercase', 'cmd_line', 'url_decode']
+ country:
+ description:
+ - Value of geo constraint (typically a two letter country code).
+ - The only valid key when I(type=geo).
+ type: str
+ ip_address:
+ description:
+ - An IP Address or CIDR to match.
+ - The only valid key when I(type=ip).
+ type: str
+ regex_pattern:
+ description:
+ - A dict describing the regular expressions used to perform the match.
+ - Only valid when I(type=regex).
+ type: dict
+ suboptions:
+ name:
+ description: A name to describe the set of patterns.
+ type: str
+ regex_strings:
+ description: A list of regular expressions to match.
+ type: list
+ elements: str
+ comparison:
+ description:
+ - What type of comparison to perform.
+ - Only valid key when I(type=size).
+ type: str
+ choices: ['EQ', 'NE', 'LE', 'LT', 'GE', 'GT']
+ size:
+ description:
+ - The size of the field (in bytes).
+ - Only valid key when I(type=size).
+ type: int
+ target_string:
+ description:
+ - The string to search for.
+ - May be up to 50 bytes.
+ - Valid when I(type=byte).
+ type: str
+ purge_filters:
+ description:
+ - Whether to remove existing filters from a condition if not passed in I(filters).
+ default: false
+ type: bool
+ waf_regional:
+ description: Whether to use C(waf-regional) module.
+ default: false
+ required: no
+ type: bool
+ state:
+ description: Whether the condition should be C(present) or C(absent).
+ choices:
+ - present
+ - absent
+ default: present
+ type: str
'''
EXAMPLES = r'''
- name: create WAF byte condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_byte_condition
filters:
- field_to_match: header
@@ -149,7 +150,7 @@
type: byte
- name: create WAF geo condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_geo_condition
filters:
- country: US
@@ -158,7 +159,7 @@
type: geo
- name: create IP address condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "10.0.0.0/8"
@@ -166,7 +167,7 @@
type: ip
- name: create WAF regex condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_regex_condition
filters:
- field_to_match: query_string
@@ -179,7 +180,7 @@
type: regex
- name: create WAF size condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_size_condition
filters:
- field_to_match: query_string
@@ -188,7 +189,7 @@
type: size
- name: create WAF sql injection condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_sql_condition
filters:
- field_to_match: query_string
@@ -196,7 +197,7 @@
type: sql
- name: create WAF xss condition
- community.aws.aws_waf_condition:
+ community.aws.waf_condition:
name: my_xss_condition
filters:
- field_to_match: query_string
@@ -728,7 +729,7 @@ def main():
if state == 'present':
(changed, results) = condition.ensure_condition_present()
- # return a condition agnostic ID for use by aws_waf_rule
+ # return a condition agnostic ID for use by waf_rule
results['ConditionId'] = results[condition.conditionsetid]
else:
(changed, results) = condition.ensure_condition_absent()
diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/waf_info.py
similarity index 89%
rename from plugins/modules/aws_waf_info.py
rename to plugins/modules/waf_info.py
index 838f9491dfd..81538e62923 100644
--- a/plugins/modules/aws_waf_info.py
+++ b/plugins/modules/waf_info.py
@@ -7,18 +7,20 @@
DOCUMENTATION = '''
-module: aws_waf_info
-short_description: Retrieve information for WAF ACLs, Rule , Conditions and Filters.
+module: waf_info
+short_description: Retrieve information for WAF ACLs, Rules, Conditions and Filters
version_added: 1.0.0
description:
- - Retrieve information for WAF ACLs, Rule , Conditions and Filters.
+ - Retrieve information for WAF ACLs, Rules, Conditions and Filters.
+ - Prior to release 5.0.0 this module was called C(community.aws.aws_waf_info).
+ The usage did not change.
options:
name:
description:
- The name of a Web Application Firewall.
type: str
waf_regional:
- description: Whether to use the waf-regional module.
+ description: Whether to use the C(waf-regional) module.
default: false
required: no
type: bool
@@ -27,21 +29,20 @@
- Mike Mochan (@mmochan)
- Will Thames (@willthames)
extends_documentation_fragment:
-- amazon.aws.aws
-- amazon.aws.ec2
-
+ - amazon.aws.aws
+ - amazon.aws.ec2
'''
EXAMPLES = '''
- name: obtain all WAF information
- community.aws.aws_waf_info:
+ community.aws.waf_info:
- name: obtain all information for a single WAF
- community.aws.aws_waf_info:
+ community.aws.waf_info:
name: test_waf
- name: obtain all information for a single WAF Regional
- community.aws.aws_waf_info:
+ community.aws.waf_info:
name: test_waf
waf_regional: true
'''
diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/waf_rule.py
similarity index 86%
rename from plugins/modules/aws_waf_rule.py
rename to plugins/modules/waf_rule.py
index f5701b2ff00..188c6de9df6 100644
--- a/plugins/modules/aws_waf_rule.py
+++ b/plugins/modules/waf_rule.py
@@ -8,74 +8,73 @@
DOCUMENTATION = r'''
-module: aws_waf_rule
+module: waf_rule
short_description: Create and delete WAF Rules
version_added: 1.0.0
description:
- Read the AWS documentation for WAF
U(https://aws.amazon.com/documentation/waf/).
+ - Prior to release 5.0.0 this module was called C(community.aws.aws_waf_rule).
+ The usage did not change.
author:
- Mike Mochan (@mmochan)
- Will Thames (@willthames)
extends_documentation_fragment:
-- amazon.aws.aws
-- amazon.aws.ec2
+ - amazon.aws.aws
+ - amazon.aws.ec2
options:
- name:
- description: Name of the Web Application Firewall rule.
- required: yes
- type: str
- metric_name:
- description:
- - A friendly name or description for the metrics for the rule.
- - The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
- - You can't change I(metric_name) after you create the rule.
- - Defaults to the same as I(name) with disallowed characters removed.
+ name:
+ description: Name of the Web Application Firewall rule.
+ required: yes
+ type: str
+ metric_name:
+ description:
+ - A friendly name or description for the metrics for the rule.
+ - The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name may not contain whitespace.
+ - You can't change I(metric_name) after you create the rule.
+ - Defaults to the same as I(name) with disallowed characters removed.
+ type: str
+ state:
+ description: Whether the rule should be present or absent.
+ choices: ['present', 'absent']
+ default: present
+ type: str
+ conditions:
+ description: >
+ List of conditions used in the rule. M(community.aws.waf_condition) can be used to create new conditions.
+ type: list
+ elements: dict
+ suboptions:
+ type:
+ required: true
type: str
- state:
- description: Whether the rule should be present or absent.
- choices:
- - present
- - absent
- default: present
- type: str
- conditions:
- description: >
- List of conditions used in the rule. M(community.aws.aws_waf_condition) can be used to
- create new conditions.
- type: list
- elements: dict
- suboptions:
- type:
- required: true
- type: str
- choices: ['byte','geo','ip','size','sql','xss']
- description: The type of rule to match.
- negated:
- required: true
- type: bool
- description: Whether the condition should be negated.
- condition:
- required: true
- type: str
- description: The name of the condition. The condition must already exist.
- purge_conditions:
- description:
- - Whether or not to remove conditions that are not passed when updating I(conditions).
- default: false
- type: bool
- waf_regional:
- description: Whether to use waf-regional module.
- default: false
- required: false
+ choices: ['byte','geo','ip','size','sql','xss']
+ description: The type of rule to match.
+ negated:
+ required: true
type: bool
+ description: Whether the condition should be negated.
+ condition:
+ required: true
+ type: str
+ description: The name of the condition. The condition must already exist.
+ purge_conditions:
+ description:
+ - Whether or not to remove conditions that are not passed when updating I(conditions).
+ default: false
+ type: bool
+ waf_regional:
+ description: Whether to use C(waf-regional) module.
+ default: false
+ required: false
+ type: bool
'''
EXAMPLES = r'''
- name: create WAF rule
- community.aws.aws_waf_rule:
+ community.aws.waf_rule:
name: my_waf_rule
conditions:
- name: my_regex_condition
@@ -89,7 +88,7 @@
negated: yes
- name: remove WAF rule
- community.aws.aws_waf_rule:
+ community.aws.waf_rule:
name: "my_waf_rule"
state: absent
'''
diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/waf_web_acl.py
similarity index 83%
rename from plugins/modules/aws_waf_web_acl.py
rename to plugins/modules/waf_web_acl.py
index 609df528a0a..c4958a7c41f 100644
--- a/plugins/modules/aws_waf_web_acl.py
+++ b/plugins/modules/waf_web_acl.py
@@ -7,86 +7,88 @@
DOCUMENTATION = r'''
-module: aws_waf_web_acl
+module: waf_web_acl
short_description: Create and delete WAF Web ACLs
version_added: 1.0.0
description:
- Module for WAF classic, for WAF v2 use the I(wafv2_*) modules.
- Read the AWS documentation for WAF U(https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html).
+ - Prior to release 5.0.0 this module was called C(community.aws.aws_waf_web_acl).
+ The usage did not change.
author:
- Mike Mochan (@mmochan)
- Will Thames (@willthames)
extends_documentation_fragment:
-- amazon.aws.aws
-- amazon.aws.ec2
+ - amazon.aws.aws
+ - amazon.aws.ec2
options:
- name:
- description: Name of the Web Application Firewall ACL to manage.
- required: yes
+ name:
+ description: Name of the Web Application Firewall ACL to manage.
+ required: yes
+ type: str
+ default_action:
+ description: The action that you want AWS WAF to take when a request doesn't
+ match the criteria specified in any of the Rule objects that are associated with the WebACL.
+ choices:
+ - block
+ - allow
+ - count
+ type: str
+ state:
+ description: Whether the Web ACL should be present or absent.
+ choices:
+ - present
+ - absent
+ default: present
+ type: str
+ metric_name:
+ description:
+ - A friendly name or description for the metrics for this WebACL.
+ - The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
+ - You can't change I(metric_name) after you create the WebACL.
+ - Metric name will default to I(name) with disallowed characters stripped out.
+ type: str
+ rules:
+ description:
+ - A list of rules that the Web ACL will enforce.
+ type: list
+ elements: dict
+ suboptions:
+ name:
+ description: Name of the rule.
type: str
- default_action:
- description: The action that you want AWS WAF to take when a request doesn't
- match the criteria specified in any of the Rule objects that are associated with the WebACL.
- choices:
- - block
- - allow
- - count
+ required: true
+ action:
+ description: The action to perform.
type: str
- state:
- description: Whether the Web ACL should be present or absent.
+ required: true
+ priority:
+ description: The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
+ type: int
+ required: true
+ type:
+ description: The type of rule.
choices:
- - present
- - absent
- default: present
+ - rate_based
+ - regular
type: str
- metric_name:
- description:
- - A friendly name or description for the metrics for this WebACL.
- - The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
- - You can't change I(metric_name) after you create the WebACL.
- - Metric name will default to I(name) with disallowed characters stripped out.
- type: str
- rules:
- description:
- - A list of rules that the Web ACL will enforce.
- type: list
- elements: dict
- suboptions:
- name:
- description: Name of the rule.
- type: str
- required: true
- action:
- description: The action to perform.
- type: str
- required: true
- priority:
- description: The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
- type: int
- required: true
- type:
- description: The type of rule.
- choices:
- - rate_based
- - regular
- type: str
- purge_rules:
- description:
- - Whether to remove rules that aren't passed with I(rules).
- default: False
- type: bool
- waf_regional:
- description: Whether to use waf-regional module.
- default: false
- required: no
- type: bool
+ purge_rules:
+ description:
+ - Whether to remove rules that aren't passed with I(rules).
+ default: False
+ type: bool
+ waf_regional:
+ description: Whether to use C(waf-regional) module.
+ default: false
+ required: no
+ type: bool
'''
EXAMPLES = r'''
- name: create web ACL
- community.aws.aws_waf_web_acl:
+ community.aws.waf_web_acl:
name: my_web_acl
rules:
- name: my_rule
@@ -97,7 +99,7 @@
state: present
- name: delete the web acl
- community.aws.aws_waf_web_acl:
+ community.aws.waf_web_acl:
name: my_web_acl
state: absent
'''
diff --git a/tests/integration/targets/aws_waf_web_acl/aliases b/tests/integration/targets/aws_waf_web_acl/aliases
deleted file mode 100644
index 5692e3fb007..00000000000
--- a/tests/integration/targets/aws_waf_web_acl/aliases
+++ /dev/null
@@ -1,12 +0,0 @@
-# reason: broken
-# ansible/ansible#38258
-disabled
-
-cloud/aws
-
-aws_waf_info
-aws_waf_web_acl
-aws_waf_web_match
-aws_waf_web_rule
-aws_waf_condition
-aws_waf_rule
\ No newline at end of file
diff --git a/tests/integration/targets/waf_web_acl/aliases b/tests/integration/targets/waf_web_acl/aliases
new file mode 100644
index 00000000000..7e34262e4d1
--- /dev/null
+++ b/tests/integration/targets/waf_web_acl/aliases
@@ -0,0 +1,9 @@
+# reason: broken
+# ansible/ansible#38258
+disabled
+
+cloud/aws
+
+waf_condition
+waf_info
+waf_rule
diff --git a/tests/integration/targets/aws_waf_web_acl/meta/main.yml b/tests/integration/targets/waf_web_acl/meta/main.yml
similarity index 100%
rename from tests/integration/targets/aws_waf_web_acl/meta/main.yml
rename to tests/integration/targets/waf_web_acl/meta/main.yml
diff --git a/tests/integration/targets/aws_waf_web_acl/tasks/main.yml b/tests/integration/targets/waf_web_acl/tasks/main.yml
similarity index 100%
rename from tests/integration/targets/aws_waf_web_acl/tasks/main.yml
rename to tests/integration/targets/waf_web_acl/tasks/main.yml