community.aws 2.5.0

Minor Changes

• iam_policy - update broken examples and add RETURN section to documentation; add extra integration tests for idempotency check mode runs (#1093).
• iam_role - delete inline policies prior to deleting role (#1054).
• iam_role - remove global vars and refactor accordingly (#1054).

Bugfixes

• ecs_service - add missing change detect of health_check_grace_period_seconds parameter (#1145).
• ecs_service - fix broken compare of task_definition that results always in a changed task (#1145).
• ecs_service - fix validation for placement_constraints. It's possible to use distinctInstance placement constraint now (#1058)
• ecs_taskdefinition - fix broken change detect of launch_type parameter (#1145).
• execute_lambda - fix check mode and update RETURN documentation (#1115).
• iam_policy - require one of policy_document and policy_json when state is present to prevent MalformedPolicyDocumentException from being thrown (#1093).
• s3_lifecycle - add support of value 0 for transition_days (#1077).
• s3_lifecycle - check that configuration is complete before returning (#1085).

community.aws 3.2.1

Release Summary

This is a bugfix release of the community.aws collection.
The new parameter purge_tags in ec2_asg module, that
was introduced in community.aws 3.2.0 with its default
value true, possibly breaks existing playbooks for users
if they don't update their playbooks and specify
purge_tags: false. However, this release restores the
previous behaviour.

Minor Changes

• iam_role - delete inline policies prior to deleting role (#1054).
• iam_role - remove global vars and refactor accordingly (#1054).

Bugfixes

• ec2_asg - Change the default value of purge_tags to false. Restores previous behaviour (#1064).

community.aws 3.2.0

Major Changes

• s3_bucket_notifications - refactor module to support SNS / SQS targets as well as the existing support for Lambda functions (#140).

Minor Changes

• cloudfront_distribution - Added support for retries (AWSRetry.jittered_backoff) (#296)
• aws_acm - Add tags and purge_tags parameters to tag certificates in ACM (#870).
• ec2_asg - Added functionality to detach specific instances and/or decrement desired capacity from ASG without terminating instances (#933).
• ec2_asg - Restructure integration tests to run in parallel and reduce runtime (#1036).
• ec2_asg - add support for purge_tags to ec2_asg (#960).
• ec2_eip - refactor module by fixing check_mode and more clear return obj. added integration tests (#936)
• elb_application_lb - Add support for alb specific attributes and check_mode support for modifying them (#963).
• elb_application_lb - add check_mode support and refactor integration tests (#894)
• elb_application_lb_info - update documentation and refactor integration tests (#894)
• elb_target_group - add support for alb target_type and update documentation (#966).
• elb_target_group - add support for setting load_balancing_algorithm_type (#1016).
• rds_instance - add choices for valid engine value (#1034).
• rds_subnet_group - add check_mode (#562).
• rds_subnet_group - add tags feature (#562).

Bugfixes

• elb_application_lb_info - Add backoff retry logic (#977)
• ecs_taskdefinition - include launch_type comparison when comparing task definitions (#840)
• elb_application_lb - Fix empty security groups list behaves inconsistently on create/update by treating empty security group as VPC's defaault (#971).
• elb_target_group_info - Add backoff retry logic (#1001)
• iam_role - Removes unnecessary removal of permission boundary from a role when deleting a role. Unlike inline policies, permission boundaries do not need to be removed from an IAM role before deleting the IAM role. This behavior causes issues when a permission boundary is inherited that prevents removal of the permission boundary. (#961)
• redshift_info - fix invalid import path for botocore exceptions (#968).
• wafv2_web_acl - fix exception when a rule contains lists values (#962).

New Modules

• cloudfront_response_headers_policy - Create, update and delete response headers policies to be used in a Cloudfront distribution
• ec2_asg_instance_refresh - Start or cancel an EC2 Auto Scaling Group (ASG) instance refresh in AWS
• ec2_asg_instance_refresh_info - Gather information about ec2 Auto Scaling Group (ASG) Instance Refreshes in AWS
• rds_cluster - rds_cluster module
• rds_cluster_info - Obtain information about one or more RDS clusters
• sns_topic_info - sns_topic_info module

community.aws 2.4.0

Minor Changes

• Added suport for retries (AWSRetry.jittered_backoff) for cloudfront_distribution (#296)

Bugfixes

• Add backoff retry logic to elb_application_lb_info (#977)
• ecs_taskdefinition - include launch_type comparison when comparing task definitions (#840)
• elb_target_group_info - Add backoff retry logic (#1001)
• iam_role - Removes unnecessary removal of permission boundary from a role when deleting a role. Unlike inline policies, permission boundaries do not need to be removed from an IAM role before deleting the IAM role. This behavior causes issues when a permission boundary is inherited that prevents removal of the permission boundary. (#961)
• redshift_info - fix invalid import path for botocore exceptions (#968).
• wafv2_web_acl - fix exception when a rule contains lists values (#962).

community.aws 3.1.0

Minor Changes

• aws_secret - Add resource_policy parameter (#843).
• aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (#763)
• dynamodb_table - the table_class parameter has been added (#880).
• ec2_launch_template - Add metadata options parameter http_protocol_ipv6 and instance_metadata_tags (#917).
• ec2_lc - add support for throughput parameter (#790).
• ec2_placement_group - add support for partition strategy and partition count (#872).
• elb_instance - wait parameter is no longer ignored (#826)
• elb_target_group - add support for parameter deregistration_connection_termination (#913).
• iam_managed_policy - refactor module adding check_mode and better AWSRetry backoff logic (#893).
• iam_user - add parameter password_reset_required (#860).
• wafv2_web_acl - Documentation updates wafv2_web_acl and aws_waf_web_acl (#721).
• wafv2_web_acl - Extended the wafv2_web_acl module to also take the custom_response_bodies argument (#721).

Bugfixes

• Add backoff retry logic to route53_info (#865).
• Add backoff retry logic to route53_zone (#865).
• cloudfront_distribution - Dont pass s3_origin_access_identity_enabled to API request (#881).
• execute_lambda - Wait for Lambda function State = Active before executing (#857)
• lambda - Wait for Lambda function State = Active & LastUpdateStatus = Successful before updating (#857)
• rds_instance - Fix updates of iops or allocated_storage for io1 DB instances when only one value is changing (#878).

community.aws 2.3.0

Minor Changes

• elb_instance - wait parameter is no longer ignored (#826)

Bugfixes

• cloudfront_distribution - Dont pass s3_origin_access_identity_enabled to API request (#881).
• execute_lambda - Wait for Lambda function State = Active before executing (#857)
• lambda - Wait for Lambda function State = Active & LastUpdateStatus = Successful before updating (#857)

community.aws 3.0.1

Release Summary

This is a patch release of the community.aws collection.

Minor Changes

• aws_msk_config - remove duplicated and unspecific requirements (#863).
• ecs_taskdefinition - remove duplicated and unspecific requirements (#863).
• s3_lifecycle - Add abort_incomplete_multipart_upload_days and expire_object_delete_marker parameters (#794).

community.aws 2.2.0

Release Summary

This is a backport release of the community.aws collection.

Minor Changes

• aws_msk_config - remove duplicated and unspecific requirements (#863).
• aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (#763)
• ecs_taskdefinition - remove duplicated and unspecific requirements (#863).
• iam_user - add boto3 waiter for iam user creation (#822).
• iam_user - add password management support bringing parity with iam module (#822).
• s3_lifecycle - Add abort_incomplete_multipart_upload_days and expire_object_delete_marker parameters (#794).

Bugfixes

• aws_eks - Fix EKS cluster creation with short names (#818).

New Modules

• ec2_asg_scheduled_action - Create, modify and delete ASG scheduled scaling actions.

community.aws 3.0.0

Major Changes

• community.aws collection - The community.aws collection has dropped support for botocore<1.19.0 and boto3<1.16.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (#809).

Minor Changes

• aws_glue_job - Added command_python_version parameter (#480).
• aws_glue_job - Added glue_version parameter (#480).
• aws_glue_job - Added support for check mode (#480).
• aws_glue_job - Added support for tags (#480).
• aws_ssm connection plugin - add parameters to explicitly specify SSE mode and KMS key id for uploads on the file transfer bucket. (#763)
• iam_user - add boto3 waiter for iam user creation (#822).
• iam_user - add password management support bringing parity with iam module (#822).
• route53 - ttl and value are not required for deleting records (#801).
• route53_info - max_items and type are no longer ignored fixing a regression (#813).

Breaking Changes / Porting Guide

• aws_acm_facts - Remove deprecated alias aws_acm_facts. Please use aws_acm_info instead.
• aws_kms_facts - Remove deprecated alias aws_kms_facts. Please use aws_kms_info instead.
• aws_kms_info - Deprecated keys_attr field is now ignored (#838).
• aws_region_facts - Remove deprecated alias aws_region_facts. Please use aws_region_info instead.
• aws_s3_bucket_facts - Remove deprecated alias aws_s3_bucket_facts. Please use aws_s3_bucket_info instead.
• aws_sgw_facts - Remove deprecated alias aws_sgw_facts. Please use aws_sgw_info instead.
• aws_waf_facts - Remove deprecated alias aws_waf_facts. Please use aws_waf_info instead.
• cloudfront_facts - Remove deprecated alias cloudfront_facts. Please use cloudfront_info instead.
• cloudwatchlogs_log_group_facts - Remove deprecated alias cloudwatchlogs_log_group_facts. Please use cloudwatchlogs_log_group_info instead.
• dynamodb_table - deprecated updates currently ignored for primary keys and global_all indexes will now result in a failure. (#837).
• ec2_asg_facts - Remove deprecated alias ec2_asg_facts. Please use ec2_asg_info instead.
• ec2_customer_gateway_facts - Remove deprecated alias ec2_customer_gateway_facts. Please use ec2_customer_gateway_info instead.
• ec2_eip_facts - Remove deprecated alias ec2_eip_facts. Please use ec2_eip_info instead.
• ec2_elb_facts - Remove deprecated alias ec2_elb_facts. Please use ec2_elb_info instead.
• ec2_elb_info - The ec2_elb_info module has been removed. Please use the elb_classic_lb_info`` module.
• ec2_lc_facts - Remove deprecated alias ec2_lc_facts. Please use ec2_lc_info instead.
• ec2_placement_group_facts - Remove deprecated alias ec2_placement_group_facts. Please use ec2_placement_group_info instead.
• ec2_vpc_nacl_facts - Remove deprecated alias ec2_vpc_nacl_facts. Please use ec2_vpc_nacl_info instead.
• ec2_vpc_peering_facts - Remove deprecated alias ec2_vpc_peering_facts. Please use ec2_vpc_peering_info instead.
• ec2_vpc_route_table_facts - Remove deprecated alias ec2_vpc_route_table_facts. Please use ec2_vpc_route_table_info instead.
• ec2_vpc_vgw_facts - Remove deprecated alias ec2_vpc_vgw_facts. Please use ec2_vpc_vgw_info instead.
• ec2_vpc_vpn_facts - Remove deprecated alias ec2_vpc_vpn_facts. Please use ec2_vpc_vpn_info instead.
• ecs_service_facts - Remove deprecated alias ecs_service_facts. Please use ecs_service_info instead.
• ecs_taskdefinition_facts - Remove deprecated alias ecs_taskdefinition_facts. Please use ecs_taskdefinition_info instead.
• efs_facts - Remove deprecated alias efs_facts. Please use efs_info instead.
• elasticache_facts - Remove deprecated alias elasticache_facts. Please use elasticache_info instead.
• elb_application_lb_facts - Remove deprecated alias elb_application_lb_facts. Please use elb_application_lb_info instead.
• elb_classic_lb_facts - Remove deprecated alias elb_classic_lb_facts. Please use elb_classic_lb_info instead.
• elb_target_facts - Remove deprecated alias elb_target_facts. Please use elb_target_info instead.
• elb_target_group_facts - Remove deprecated alias elb_target_group_facts. Please use elb_target_group_info instead.
• iam - Removed deprecated community.aws.iam module. Please use community.aws.iam_user, community.aws.iam_access_key or community.aws.iam_group (#839).
• iam_cert_facts - Remove deprecated alias iam_cert_facts. Please use iam_cert_info instead.
• iam_mfa_device_facts - Remove deprecated alias iam_mfa_device_facts. Please use iam_mfa_device_info instead.
• iam_role_facts - Remove deprecated alias iam_role_facts. Please use iam_role_info instead.
• iam_server_certificate_facts - Remove deprecated alias iam_server_certificate_facts. Please use iam_server_certificate_info instead.
• lambda_facts - Remove deprecated module lambda_facts. Please use lambda_info`` instead.
• rds - Removed deprecated community.aws.rds module. Please use community.aws.rds_instance (#839).
• rds_instance_facts - Remove deprecated alias rds_instance_facts. Please use rds_instance_info instead.
• rds_snapshot_facts - Remove deprecated alias rds_snapshot_facts. Please use rds_snapshot_info instead.
• redshift_facts - Remove deprecated alias redshift_facts. Please use redshift_info instead.
• route53_facts - Remove deprecated alias route53_facts. Please use route53_info instead.

Bugfixes

• aws_eks - Fix EKS cluster creation with short names (#818).

community.aws 2.1.0

Minor Changes

• aws_config_delivery_channel - replaced use of deprecated backoff decorator (#764).
• aws_direct_connect_confirm_connection - replaced use of deprecated backoff decorator (#764).
• aws_direct_connect_connection - replaced use of deprecated backoff decorator (#764).
• aws_direct_connect_link_aggregation_group - replaced use of deprecated backoff decorator (#764).
• aws_direct_connect_virtual_interface - replaced use of deprecated backoff decorator (#764).
• aws_inspector_target - replaced use of deprecated backoff decorator (#764).
• aws_kms - add support for kms_spec and kms_usage parameter (#774).
• aws_kms - replaced use of deprecated backoff decorator (#764).
• aws_kms_info - replaced use of deprecated backoff decorator (#764).
• cloudformation_stack_set - replaced use of deprecated backoff decorator (#764).
• cloudfront_distribution - add TLSv1.2_2021 security policy for viewer connections (#707).
• dms_endpoint - replaced use of deprecated backoff decorator (#764).
• dms_replication_subnet_group - replaced use of deprecated backoff decorator (#764).
• dynamodb_table - add support for setting the billing_mode option (#753).
• dynamodb_table - the module has been updated to use the boto3 AWS SDK (#726).
• ec2_asg - replaced use of deprecated backoff decorator (#764).
• ec2_eip - added support for tagging EIPs (#332).
• ec2_eip_info - added automatic retries for common temporary API failures (#332).
• ec2_eip_info - added support for tagging EIPs (#332).
• ec2_elb_info - replaced use of deprecated backoff decorator (#764).
• ec2_win_password - module updated to use the boto3 AWS SDK (#759).
• ecs_service - added support for forcing deletion of a service (#228).
• ecs_service_info - replaced use of deprecated backoff decorator (#764).
• ecs_taskdefinition - add placement_constraints option (#741).
• efs - add transition_to_ia parameter to support specifying the number of days before transitioning data to inactive storage (#522).
• elb_instance - added new updated_elbs return value (#773).
• elb_instance - the module has been migrated to the boto3 AWS SDK (#773).
• elb_target_group - add preserve_client_ip_enabled option (#670).
• elb_target_group - add proxy_protocol_v2_enabled option (#670).
• iam_managed_policy - replaced use of deprecated backoff decorator (#764).
• iam_role - Added wait option for IAM role creation / updates (#767).
• iam_saml_federation - replaced use of deprecated backoff decorator (#764).
• iam_server_certificate - add support for check_mode (#737).
• iam_server_certificate - migrate module to using the boto3 SDK (#737).
• lambda_info - add automatic retries for recoverable errors (#777).
• lambda_info - add support for tags (#375).
• lambda_info - use paginator for list queries (#777).
• rds - replaced use of deprecated backoff decorator (#764).
• redshift_subnet_group - added support for check_mode (#724).
• redshift_subnet_group - the group_description option has been renamed to description and is now optional. The old parameter name will continue to work (#724).
• redshift_subnet_group - the group_subnets option has been renamed to subnets and is now only required when creating a new group. The old parameter name will continue to work (#724).
• redshift_subnet_group - the module has been migrated to the boto3 AWS SDK (#724).
• route53_health_check - add support for tagging health checks (#765).
• route53_health_check - added support for check_mode (#734).
• route53_health_check - added support for disabling health checks (#756).
• route53_health_check - migrated to boto3 SDK (#734).
• route53_zone - add support for tagging Route 53 zones (#565).
• sqs_queue - Providing a kms_master_key_id will now enable SSE properly (#762)

Deprecated Features

• dynamodb_table - DynamoDB does not support specifying non-key-attributes when creating an ALL index. Passing includes for such indexes is currently ignored but will result in failures after version 3.0.0 (#726).
• dynamodb_table - DynamoDB does not support updating the primary indexes on a table. Attempts to make such changes are currently ignored but will result in failures after version 3.0.0 (#726).
• elb_instance - setting of the ec2_elb fact has been deprecated and will be removed in release 4.0.0 of the collection. See the module documentation for an alternative example using the register keyword (#773).
• iam_cert - the iam_cert module has been renamed to iam_server_certificate for consistency with the companion iam_server_certificate_info module. The usage of the module has not changed. The iam_cert alias will be removed in version 4.0.0 (#728).
• iam_server_certificate - Passing file names to the cert, chain_cert and key parameters has been deprecated. We recommend using a lookup plugin to read the files instead, see the documentation for an example (#735).
• iam_server_certificate - the default value for the dup_ok parameter is currently false, in version 4.0.0 this will be updated to true. To preserve the current behaviour explicitly set the dup_ok parameter to false (#737).
• rds_snapshot - the rds_snapshot module has been renamed to rds_instance_snapshot. The usage of the module has not changed. The rds_snapshot alias will be removed in version 4.0.0 (#783).

Bugfixes

• AWS action group - added missing aws_direct_connect_confirm_connection and efs_tag entries (ansible-collections/amazon.aws#557).
• cloudfront_info - Switch to native boto3 paginators to fix reported bug when over 100 distributions exist (#769).
• ec2_eip - fix bug when allocating an EIP but not associating it to a VPC (#731).
• elb_classic_lb_info - fix empty list returned when names not defined (#693).
• elb_instance - Python 3 compatibility fix (#384).
• iam_role_info - switch to jittered backoff to reduce rate limiting failures (#748).
• rds_instance - Fixed issue with enabling enhanced monitoring on a pre-existing RDS instance (#747).
• route53 - add missing set identifier in resource_record_set (#595).
• route53 - fix diff mode when deleting records (#802).
• route53 - return empty result for nonexistent records (#799).
• sns_topic ...