Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PR #822/a3d940af backport][stable-2] iam_user password management support #833

Merged
merged 1 commit into from
Dec 17, 2021
Merged

[PR #822/a3d940af backport][stable-2] iam_user password management support #833

merged 1 commit into from
Dec 17, 2021

Conversation

patchback[bot]
Copy link

@patchback patchback bot commented Dec 13, 2021

This is a backport of PR #822 as merged into main (a3d940a).

SUMMARY

The iam module currently supports password management for IAM users, but the newer iam_user module does not currently. This PR adds the password management functionality to bring parity with the old module.

To ensure the IAM user is properly created before adding a login profile, the waiter for the IAM creation has also been added.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

iam_user

ADDITIONAL INFORMATION

The added functionality uses the create_login_profile and update_login_profile methods:
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.create_login_profile
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.update_login_profile

Local integration tests run:

ansible-test integration --docker centos8 -vv iam_user --allow-unsupported
...
PLAY RECAP *********************************************************************
testhost                   : ok=92   changed=24   unreachable=0    failed=0    skipped=0    rescued=0    ignored=2   

AWS ACTIONS: ['iam:AddUserToGroup', 'iam:AttachUserPolicy', 'iam:CreateGroup', 'iam:CreateLoginProfile', 'iam:CreateUser', 'iam:DeleteGroup', 'iam:DeleteLoginProfile', 'iam:DeleteUser', 'iam:DetachUserPolicy', 'iam:GetGroup', 'iam:GetUser', 'iam:ListAccessKeys', 'iam:ListAttachedGroupPolicies', 'iam:ListAttachedUserPolicies', 'iam:ListGroupsForUser', 'iam:ListMFADevices', 'iam:ListPolicies', 'iam:ListSSHPublicKeys', 'iam:ListServiceSpecificCredentials', 'iam:ListSigningCertificates', 'iam:ListUserPolicies', 'iam:ListUsers', 'iam:RemoveUserFromGroup', 'iam:TagUser', 'iam:UntagUser', 'iam:UpdateLoginProfile']

@marknet15 @patchback
iam_user password management support (#822)
ecb5a33 
iam_user password management support

SUMMARY
The iam module currently supports password management for IAM users, but the newer  iam_user module does not currently. This PR adds the password management functionality to bring parity with the old module.
To ensure the IAM user is properly created before adding a login profile, the waiter for the IAM creation has also been added.
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
iam_user
ADDITIONAL INFORMATION
The added functionality uses the create_login_profile and update_login_profile methods:
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.create_login_profile
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.update_login_profile
Local integration tests run:
ansible-test integration --docker centos8 -vv iam_user --allow-unsupported
...
PLAY RECAP *********************************************************************
testhost                   : ok=92   changed=24   unreachable=0    failed=0    skipped=0    rescued=0    ignored=2

AWS ACTIONS: ['iam:AddUserToGroup', 'iam:AttachUserPolicy', 'iam:CreateGroup', 'iam:CreateLoginProfile', 'iam:CreateUser', 'iam:DeleteGroup', 'iam:DeleteLoginProfile', 'iam:DeleteUser', 'iam:DetachUserPolicy', 'iam:GetGroup', 'iam:GetUser', 'iam:ListAccessKeys', 'iam:ListAttachedGroupPolicies', 'iam:ListAttachedUserPolicies', 'iam:ListGroupsForUser', 'iam:ListMFADevices', 'iam:ListPolicies', 'iam:ListSSHPublicKeys', 'iam:ListServiceSpecificCredentials', 'iam:ListSigningCertificates', 'iam:ListUserPolicies', 'iam:ListUsers', 'iam:RemoveUserFromGroup', 'iam:TagUser', 'iam:UntagUser', 'iam:UpdateLoginProfile']

Reviewed-by: Markus Bergholz <git@osuv.de>
Reviewed-by: Mark Chappell <None>
Reviewed-by: None <None>
(cherry picked from commit a3d940a)
@patchback patchback bot mentioned this pull request Dec 13, 2021
Merged
@markuman markuman added the gate label Dec 17, 2021
ansible-zuul[bot]
ansible-zuul bot approved these changes Dec 17, 2021
View reviewed changes
Copy link
Contributor

@ansible-zuul ansible-zuul bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@ansible-zuul ansible-zuul bot merged commit 79dc284 into stable-2 Dec 17, 2021
@jillr jillr deleted the patchback/backports/stable-2/a3d940af4a717327f3bce0726a2c23b6890e8609/pr-822 branch January 12, 2022 20:13
abikouo pushed a commit to abikouo/community.aws that referenced this pull request Oct 24, 2023
@tremble
cloudformation - remove unused template_format parameter (ansible-col…
74c135c 
…lections#833)

cloudformation - remove unused template_format parameter

SUMMARY
The template_format parameter has been ignored since Ansible 2.3 and deprecated since release 1.0.0.  Remove it.
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
cloudformation
ADDITIONAL INFORMATION
See also ansible/ansible#64368

Reviewed-by: Alina Buzachis <None>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markuman markuman markuman approved these changes

@ansible-zuul ansible-zuul[bot] ansible-zuul[bot] approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@markuman @marknet15