community.aws 8.0.0

Release Summary

This major release brings several new features, bug fixes, and deprecated features. It also includes the removal of several modules that have been migrated to the amazon.aws collection. We have also removed support for ansible-core<2.15.

Minor Changes

• api_gateway - use fstrings where appropriate (ansible-collections/amazon.aws#1962).
• api_gateway_info - use fstrings where appropriate (ansible-collections/amazon.aws#1962).
• community.aws collection - apply isort code formatting to ensure consistent formatting of code (#1962)
• ecs_taskdefinition - Add parameter runtime_platform (#1891).
• eks_nodegroup - ensure wait also waits for deletion to complete when wait==True (#1994).
• elb_network_lb - add support for Application-Layer Protocol Negotiation (ALPN) policy AlpnPolicy for TLS listeners (#1566).
• elb_network_lb - add the possibly to update SslPolicy and Certificates for TLS listeners ().

Breaking Changes / Porting Guide

• The community.aws collection has dropped support for botocore<1.29.0 and boto3<1.26.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (ansible-collections/amazon.aws#1763).
• aws_region_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.aws_region_info.
• aws_s3_bucket_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.aws_s3_bucket_info.
• community.aws collection - Support for ansible-core < 2.15 has been dropped (#2074).
• community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection wss been deprecated in release 6.0.0 and removed in release 7.0.0. (ansible-collections/amazon.aws#1763).
• iam_access_key - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_access_key.
• iam_access_key_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_access_key_info.
• iam_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_group (#1945).
• iam_managed_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_managed_policy (#1954).
• iam_mfa_device_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_mfa_device_info (#1953).
• iam_password_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_password_policy.
• iam_role - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_role (#1948).
• iam_role_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_role_info (#1948).
• s3_bucket_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.s3_bucket_info.
• sts_assume_role - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.sts_assume_role.

Deprecated Features

• aws_glue_connection - updated the deprecation for removal of the connection_parameters return key from after 2024-06-01 to release version 9.0.0, it is being replaced by the raw_connection_parameters key (#518).
• ecs_cluster - updated the deprecation for updated default of purge_capacity_providers, the current default of False will be changed to True in release 9.0.0. To maintain the current behaviour explicitly set purge_capacity_providers=False (#1640).
• ecs_service - updated the deprecation for updated default of purge_placement_constraints, the current default of False will be changed to True in release 9.0.0. To maintain the current behaviour explicitly set purge_placement_constraints=False (#1716).
• ecs_service - updated the deprecation for updated default of purge_placement_strategy, the current default of False will be changed to True in release 9.0.0. To maintain the current behaviour explicitly set purge_placement_strategy=False (#1716).

Bugfixes

• mq_broker - ensure broker is created with tags when passed (#1832).
• opensearch - Don't try to read a non existing key from the domain config (#1910).

community.aws 7.2.0

Release Summary

This release includes a new module dynamodb_table_info, new features for the glue_job and msk_cluster modules, and a bugfix for the aws_ssm connection plugin.

Minor Changes

• glue_job - add support for 2 new instance types which are G.4X and G.8X (#2048).
• msk_cluster - Support for additional m5 and m7g types of MSK clusters (#1947).

Bugfixes

• ssm(connection) - fix bucket region logic when region is us-east-1 (#1908).

New Modules

• dynamodb_table_info - Returns information about a Dynamo DB table

community.aws 7.1.0

Release Summary

This release includes new features for the cloudfront_distribution and mq_broker modules, as well as a bugfix for the aws_ssm connection plugin needed when connecting to hosts with Bash 5.1.0 and later.

Minor Changes

• aws_ssm - Updated the documentation to explicitly state that an S3 bucket is required, the behavior of the files in that bucket, and requirements around that. (#1775).
• cloudfront_distribution - added support for cache_policy_id and origin_request_policy_id for behaviors (#1589)
• mq_broker - add support to wait for broker state via wait and wait_timeout parameter values (#1879).

Bugfixes

• aws_ssm - disable enable-bracketed-paste to fix issue with amazon linux 2023 and other OSes (#1756)

community.aws 7.0.0

Release Summary

This release includes some new features, bugfixes and breaking changes. Several modules have been migrated to amazon.aws and the Fully Qualified Collection Name for these modules needs to be updated. The community.aws collection has dropped support for botocore<1.29.0 and boto3<1.26.0. Due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/), support for Python less than 3.7 by this collection was deprecated in release 6.0.0 and removed in release 7.0.0. (ansible-collections/amazon.aws#1763).

Minor Changes

• api_gateway - use fstrings where appropriate (ansible-collections/amazon.aws#1962).
• api_gateway_info - use fstrings where appropriate (ansible-collections/amazon.aws#1962).
• community.aws collection - apply isort code formatting to ensure consistent formatting of code (#1962)
• ecs_taskdefinition - Add parameter runtime_platform (#1891).
• eks_nodegroup - ensure wait also waits for deletion to complete when wait==True (#1994).

Breaking Changes / Porting Guide

• The community.aws collection has dropped support for botocore<1.29.0 and boto3<1.26.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (ansible-collections/amazon.aws#1763).
• aws_region_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.aws_region_info.
• aws_s3_bucket_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.aws_s3_bucket_info.
• community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection wss been deprecated in release 6.0.0 and removed in release 7.0.0. (ansible-collections/amazon.aws#1763).
• iam_access_key - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_access_key.
• iam_access_key_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_access_key_info.
• iam_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_group (#1945).
• iam_managed_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_managed_policy (#1954).
• iam_mfa_device_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_mfa_device_info (#1953).
• iam_password_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_password_policy.
• iam_role - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_role (#1948).
• iam_role_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_role_info (#1948).
• s3_bucket_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.s3_bucket_info.
• sts_assume_role - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.sts_assume_role.

Bugfixes

• mq_broker - ensure broker is created with tags when passed (#1832).
• opensearch - Don't try to read a non existing key from the domain config (#1910).

community.aws 6.4.0

Release Summary

This release is the last planned minor release of community.aws prior to the release of 7.0.0.
It includes documentation fixes and adds support for setting run time configurations to the ecs_taskdefinition module.

Minor Changes

• ecs_taskdefinition - Add parameter runtime_platform (#1891).

community.aws 6.3.0

Release Summary

This release brings a minor bug fix for the opensearch module and a new route53_wait module.

Bugfixes

• opensearch - Don't try to read a non existing key from the domain config (#1910).

New Modules

• route53_wait - wait for changes in Amazons Route 53 DNS service to propagate

community.aws 6.2.0

Release Summary

This release includes some new features for the community.aws.ec2_vpc_vpn and community.aws.api_gateway modules.

Minor Changes

• api_gateway - add support for parameters name, lookup, tags and purge_tags (#1845).
• ec2_vpc_vpn - add support for connecting VPNs to a transit gateway (#1877).

Bugfixes

• Remove apigateway and apigateway_deployment from meta/runtime.yml (#1905).

community.aws 6.1.0

Release Summary

This release brings a new inventory plugin, some new features, and several bugfixes.

Minor Changes

• dynamodb_table - added waiter when updating indexes to avoid concurrency issues (#1866).
• dynamodb_table - increased default timeout based on time to update indexes in CI (#1866).
• iam_group - refactored ARN validation handling (#1848).
• iam_role - refactored ARN validation handling (#1848).
• sns_topic - refactored ARN validation handling (#1848).

Bugfixes

• batch_compute_environment - fixed incorrect handling of Gov Cloud ARNs in compute_environment_name parameter (#1846).
• cloudfront_distribution - The origins recognises the s3 domains with region part now (#1819).
• cloudfront_distribution - no longer crashes when waiting for completion of creation (#255).
• cloudfront_distribution - now honours the enabled setting (#1823).
• dynamodb_table - secondary indexes are now created (#1825).
• ec2_launch_template - fixed incorrect handling of Gov Cloud ARNs in compute_environment_name parameter (#1846).
• elasticache_info - remove hard coded use of aws partition (#1846).
• iam_role - fixed incorrect rejection of Gov Cloud ARNs in boundary parameter (#1846).
• msk_cluster - remove hard coded use of aws partition (#1846).
• redshift - fixed hard coded use of aws partition (#1846).

New Plugins

Inventory

• aws_mq - MQ broker inventory source

community.aws 5.5.1

Release Summary

This release brings several bugfixes.

Bugfixes

• cloudfront_distribution - no longer crashes when waiting for completion of creation (#255).
• cloudfront_distribution - now honours the enabled setting (#1823).

community.aws 6.0.0

Release Summary

This release brings some new plugins and features. Several bugfixes, breaking changes and deprecated features are also included.
The community.aws collection has dropped support for botocore<1.25.0 and boto3<1.22.0.
Support for Python 3.6 has also been dropped.

Minor Changes

• The black code formatter has been run across the collection to improve code consistency (#1784).
• aws_config_delivery_channel - add support for encrypted objects in S3 via KMS key (#1786).
• aws_ssm - Updated the documentation to explicitly mention that the ansible_user and remote_user variables are not supported by the plugin (#1682).
• bulk migration of % and .format() to fstrings (#1810).
• cloudfront_distribution - add http3 support via parameter value http2and3 for parameter http_version (#1753).
• cloudfront_distribution - add origin_shield options (#1557).
• cloudfront_distribution - documented connection_attempts and connection_timeout the module was already capable of using them
• community.aws - updated document fragments based on changes in amazon.aws (#1738).
• community.aws - updated imports based on changes in amazon.aws (#1738).
• ecs_ecr - use compare_policies when comparing lifecycle policies instead of naive sort_json_policy_dict comparisons (#1551).
• elasticache - Use the cache.t3.small node type in the example. cache.m1.small is not deprecated.
• minor code fixes and enable integration tests for modules cloudfront_distribution, cloudfront_invalidation and cloudfront_origin_access_identity (#1596).
• module_utils.botocore - Add Ansible AWS User-Agent identification (#1632).
• wafv2_rule_group_info - remove unused and deprecated state parameter (#1555).

Breaking Changes / Porting Guide

• The community.aws collection has dropped support for botocore<1.25.0 and boto3<1.22.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (#1743).
• aws_ssm - the AWS SSM plugin was incorrectly prepending sudo to most commands. This behaviour was incorrect and has been removed. To execute commands as a specific user, including the root user, the become and become_user directives should be used. See the Ansible documentation for more information (#853).
• codebuild_project - tags parameter now accepts a dict representing the tags, rather than the boto3 format (#1643).

Deprecated Features

• community.aws collection - due to the AWS SDKs Python support policies (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.8 by this collection is expected to be removed in a release after 2024-12-01 (#1743).
• community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in release 7.0.0. (#1743).

Bugfixes

• opensearch_info - Fix the name of the domain_name key in the example (#1811).
• ses_identity - fix clearing notification topic (#150).

New Modules

• ec2_carrier_gateway - Manage an AWS VPC Carrier gateway
• ec2_carrier_gateway_info - Gather information about carrier gateways in AWS
• lightsail_snapshot - Creates snapshots of AWS Lightsail instances
• mq_broker - MQ broker management
• mq_broker_config - Update Amazon MQ broker configuration
• mq_broker_info - Retrieve MQ Broker details
• mq_user - Manage users in existing Amazon MQ broker
• mq_user_info - List users of an Amazon MQ broker
• ssm_inventory_info - Get SSM inventory information for EC2 instance