Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssm connection plugin - allow s3 bucket to use it's own region setting #603

Closed
wants to merge 4 commits into from
Closed

ssm connection plugin - allow s3 bucket to use it's own region setting #603

wants to merge 4 commits into from

Conversation

rrusso1982
Copy link

SUMMARY

When using ssm to connect to systems in aws it is required that we utilize an s3 bucket to transfer files from the source to the destination server. When the bucket resides in a different region than the destination server the wrong s3 endpoint is being selected. This adds a new configuration value, ansible_aws_ssm_bucket_region, to allow the s3 buckets region to be set directly allowing the transfer to occur as would be expected.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

plugins/connection/aws_ssm.py

@ansibullbot ansibullbot added bug This issue/PR relates to a bug community_review connection connection plugin needs_triage new_contributor Help guide this first time contributor plugins plugin (any type) small_patch Hopefully easy to review labels Jun 16, 2021
@wilinger
Copy link

Would also be nice for s3 bucket to have its own aws_profile that's different than the var:ansible_aws_ssm_profile for the connection so you don't have to create a new bucket if you have multiple AWS accounts. Similar to aws_secrets plugin.

@ansibullbot ansibullbot removed the small_patch Hopefully easy to review label Jun 28, 2021
alinabuzachis
alinabuzachis requested changes Jun 29, 2021
View reviewed changes
Copy link
Contributor

@alinabuzachis alinabuzachis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rrusso1982 Thank you for your contribution. Could you please add a changelog https://docs.ansible.com/ansible/latest/dev_guide/testing/sanity/changelog.html?

@goneri
Copy link
Member

goneri commented Jul 8, 2021

recheck

markuman
markuman requested changes Jul 9, 2021
View reviewed changes
Copy link
Member

@markuman markuman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rrusso1982 Can you expand the integration test tests/integration/targets/aws_ssm_parameter_store/tasks/main.yml and replace one of the region=ec2_region with bucket_region=ec2_region to see that CI is still passing?
So that CI is taking care about this parameter in further changes. Otherwise it looks good to me.

CHANGELOG.rst
@@ -4,6 +4,12 @@ community.aws Release Notes

.. contents:: Topics

v2.0.0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the CHANGELOG.rst is somewhat autogenerated. You need to revert this and add a changelogs/fragments file

@tremble tremble changed the title allow s3 bucket to use it's own region setting ssm connection plugin - allow s3 bucket to use it's own region setting Oct 18, 2021
@markuman markuman mentioned this pull request Nov 16, 2021
Closed
@gillg
Copy link

gillg commented Jan 7, 2022

Hello !

What is blocking this PR ?
It seems very important to make ssm plugin usable with an inventory accross different regions...
We can't define one bucket by region (and it's a little bit complex...) so it's important to fix the bucket region to avoid this kind of error in curl -GET "https://bucket/script.py" :

<Code>AuthorizationQueryParametersError</Code>
<Message>Error parsing the X-Amz-Credential parameter; the region 'us-west-2' is wrong; expecting 'us-east-1'</Message>

In the case where inside a dynamic inventpry you use :

plugin: amazon.aws.aws_ec2
[...]
compose:
  ansible_aws_ssm_region: placement.region

@markuman
Copy link
Member

markuman commented Jan 7, 2022

@gillg the lack of integration tests and files are touched that must not be touched in feature/bug requests.
Do you like to adopt and complete this PR?

@gillg gillg mentioned this pull request Jan 8, 2022
Closed
@gillg
Copy link

gillg commented Jan 9, 2022

duplicate, can be close

@alinabuzachis
Copy link
Contributor

Closed by duplicate #854

alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request May 25, 2022
@abikouo
aws_s3 - fix issue when copy missing key from bucket (ansible-collect…
7bdad10 
…ions#603)

aws_s3 - fix issue when copy missing key from bucket

SUMMARY

ansible-collections#602

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

aws_s3
ADDITIONAL INFORMATION

Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markuman markuman markuman requested changes

@alinabuzachis alinabuzachis alinabuzachis requested changes

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug community_review connection connection plugin needs_triage new_contributor Help guide this first time contributor plugins plugin (any type)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@rrusso1982 @wilinger @goneri @gillg @markuman @alinabuzachis @ansibullbot