Try SpotterCreate and manage Amazon S3 Multi-Region Access Points
| "added in version" 0.1.0 of amazon.cloud"
Authors: Ansible Cloud Team (@ansible-collections)
Install with ansible-galaxy collection install amazon.cloud:==0.1.0
collections:
- name: amazon.cloud
version: 0.1.0Create and manage Amazon S3 Multi-Region Access Points (list, create, update, describe, delete).
name:
description:
- The name you want to assign to this Multi Region Access Point.
type: str
wait:
default: false
description:
- Wait for operation to complete before returning.
type: bool
state:
choices:
- present
- absent
- list
- describe
- get
default: present
description:
- Goal state for resource.
- I(state=present) creates the resource if it doesn't exist, or updates to the provided
state if the resource already exists.
- I(state=absent) ensures an existing instance is deleted.
- I(state=list) get all the existing resources.
- I(state=describe) or I(state=get) retrieves information on an existing resource.
type: str
region:
aliases:
- aws_region
- ec2_region
description:
- The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION
environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
type: str
ec2_url:
aliases:
- aws_endpoint_url
- endpoint_url
description:
- URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will
use EC2 endpoints). Ignored for modules where region is required. Must be specified
for all other modules if region is not used. If not set then the value of the EC2_URL
environment variable, if any, is used.
type: str
profile:
aliases:
- aws_profile
description:
- Using I(profile) will override I(aws_access_key), I(aws_secret_key) and I(security_token)
and support for passing them at the same time as I(profile) has been deprecated.
- I(aws_access_key), I(aws_secret_key) and I(security_token) will be made mutually
exclusive with I(profile) after 2022-06-01.
type: str
regions:
description:
- The name of the bucket that represents of the region belonging to this Multi Region
Access Point.
elements: dict
required: true
suboptions:
bucket:
description:
- Not Provived.
required: true
type: str
type: list
aws_config:
description:
- A dictionary to modify the botocore configuration.
- Parameters can be found at U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
type: dict
wait_timeout:
default: 320
description:
- How many seconds to wait for an operation to complete before timing out.
type: int
aws_ca_bundle:
description:
- The location of a CA Bundle to use when validating SSL certificates.
- 'Note: The CA Bundle is read ''module'' side and may need to be explicitly copied
from the controller if not run locally.'
type: path
aws_access_key:
aliases:
- ec2_access_key
- access_key
description:
- C(AWS access key). If not set then the value of the C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY)
or C(EC2_ACCESS_KEY) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(aws_access_key) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
type: str
aws_secret_key:
aliases:
- ec2_secret_key
- secret_key
description:
- C(AWS secret key). If not set then the value of the C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY),
or C(EC2_SECRET_KEY) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(aws_secret_key) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
type: str
security_token:
aliases:
- aws_session_token
- session_token
- aws_security_token
- access_token
description:
- C(AWS STS security token). If not set then the value of the C(AWS_SECURITY_TOKEN)
or C(EC2_SECURITY_TOKEN) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(security_token) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
- Aliases I(aws_session_token) and I(session_token) have been added in version 3.2.0.
type: str
validate_certs:
default: true
description:
- When set to "no", SSL certificates will not be validated for communication with
the AWS APIs.
type: bool
debug_botocore_endpoint_logs:
default: 'no'
description:
- Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action"
API calls made during a task, outputing the set to the resource_actions key in the
task results. Use the aws_resource_action callback to output to total list made
during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also
be used.
type: bool
public_access_block_configuration:
description:
- The I(public_access_block) configuration that you want to apply to this Multi Region
Access Point.
- You can enable the configuration options in any combination.
- For more information about when Amazon S3 considers a bucket or object public, see
U(https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status)
The Meaning of Public in the Amazon Simple Storage Service Developer Guide.
suboptions:
block_public_acls:
description:
- Specifies whether Amazon S3 should block public access control lists (ACLs)
for buckets in this account.
- 'Setting this element to C(True) causes the following behavior:'
- '- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.'
- '- PUT Object calls fail if the request includes a public ACL.'
- . - PUT Bucket calls fail if the request includes a public ACL.
- Enabling this setting doesnt affect existing policies or ACLs.
type: bool
block_public_policy:
description:
- Specifies whether Amazon S3 should block public bucket policies for buckets
in this account.
- Setting this element to C(True) causes Amazon S3 to reject calls to PUT Bucket
policy if the specified bucket policy allows public access.
- Enabling this setting doesnt affect existing bucket policies.
type: bool
ignore_public_acls:
description:
- Specifies whether Amazon S3 should ignore public ACLs for buckets in this account.
- Setting this element to C(True) causes Amazon S3 to ignore all public ACLs on
buckets in this account and any objects that they contain.
- Enabling this setting doesnt affect the persistence of any existing ACLs and
doesnt prevent new public ACLs from being set.
type: bool
restrict_public_buckets:
description:
- Specifies whether Amazon S3 should restrict public bucket policies for this
bucket.
- Setting this element to C(True) restricts access to this bucket to only AWS
services and authorized users within this account if the bucket has a public
policy.
- Enabling this setting doesnt affect previously stored bucket policies, except
that public and cross-account access within any public bucket policy, including
non-public delegation to specific accounts, is blocked.
type: bool
type: dict
result:
contains:
identifier:
description: The unique identifier of the resource.
type: str
properties:
description: The resource properties.
type: dict
description: Dictionary containing resource information.
returned: always
type: complex