diff options
| author | Sloane Hertel <shertel@redhat.com> | 2017-10-24 21:18:56 -0400 |
|---|---|---|
| committer | ansibot <ansibot@users.noreply.github.com> | 2017-10-24 21:18:56 -0400 |
| commit | 1dd55acbc211d854a6cded0f813334325bac4038 (patch) | |
| tree | e237c0fe7dad0bb9425eb050f716757e49be6390 /hacking/aws_config | |
| parent | 3b6c09510490dfc9032e5d7e307db74338f28972 (diff) | |
| download | ansible-1dd55acbc211d854a6cded0f813334325bac4038.tar.gz | |
ec2_group: add rule description support - fixes #29040 (#30273)
* ec2_group: add support for rule descriptions.
* Document rule description feature and add an example using it.
* Fix removing rule descriptions.
* Add integration tests to verify adding/modifying/removing rule descriptions works as expected.
* Add permissions to hacking/aws_config/testing_policies/ec2-policy.json for updating ingress and egress rule descriptions.
* ec2_group: add backwards compatibility with older versions of botocore for rule descriptions.
* Add compatibility with older version of botocore for ec2_group integration tests.
* ec2_group: move HAS_RULE_DESCRIPTION to be checked first.
* Make requested change
* Pass around a variable instead of client
* Make sure has_rule_description defaults to None
* Fail if rule_desc is in any ingress/egress rules and the the botocore version < 1.7.2
* Remove unnecessary variable
* Fix indentation for changed=True when updating rule descriptions.
* minor refactor to remove duplicate code
* add missing parameter
* Fix pep8
* Update test policy.
Diffstat (limited to 'hacking/aws_config')
| -rw-r--r-- | hacking/aws_config/testing_policies/ec2-policy.json | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/hacking/aws_config/testing_policies/ec2-policy.json b/hacking/aws_config/testing_policies/ec2-policy.json index 1396c3b4e4..c80178323f 100644 --- a/hacking/aws_config/testing_policies/ec2-policy.json +++ b/hacking/aws_config/testing_policies/ec2-policy.json @@ -25,6 +25,7 @@ "ec2:DeleteNatGateway", "ec2:DeleteSnapshot", "ec2:DeleteSubnet", + "ec2:DeleteTags", "ec2:DeleteVpc", "ec2:DeregisterImage", "ec2:Describe*", @@ -51,7 +52,9 @@ "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", - "ec2:TerminateInstances" + "ec2:TerminateInstances", + "ec2:UpdateSecurityGroupRuleDescriptionsIngress", + "ec2:UpdateSecurityGroupRuleDescriptionsEgress" ], "Resource": [ "arn:aws:ec2:{{aws_region}}::image/*", |