amazon / amazon.cloud / 0.4.0 / module / eks_fargate_profile Creates and manage AWS Fargate profiles | "added in version" 0.2.0 of amazon.cloud" Authors: Ansible Cloud Team (@ansible-collections)amazon.cloud.eks_fargate_profile (0.4.0) — module
Install with ansible-galaxy collection install amazon.cloud:==0.4.0
collections: - name: amazon.cloud version: 0.4.0
Creates and manage AWS Fargate profiles for your Amazon EKS cluster.
You must have at least one Fargate profile in a cluster to be able to run pods on Fargate.
- name: Set the cluster name set_fact: eks_cluster_name: '{{ _resource_prefix }}-cluster'
- name: Define EKS facts set_fact: eks_fargate_profile_name_a: '{{ _resource_prefix }}-fp-a' eks_fargate_profile_name_b: '{{ _resource_prefix }}-fp-b' eks_subnets: - zone: a cidr: 10.0.1.0/24 type: private tag: internal-elb - zone: b cidr: 10.0.2.0/24 type: public tag: elb eks_security_groups: - name: '{{ eks_cluster_name }}-control-plane-sg' description: EKS Control Plane Security Group rules: - group_name: '{{ eks_cluster_name }}-workers-sg' group_desc: EKS Worker Security Group ports: 443 proto: tcp rules_egress: - group_name: '{{ eks_cluster_name }}-workers-sg' group_desc: EKS Worker Security Group from_port: 1025 to_port: 65535 proto: tcp - name: '{{ eks_cluster_name }}-workers-sg' description: EKS Worker Security Group rules: - group_name: '{{ eks_cluster_name }}-workers-sg' proto: tcp from_port: 1 to_port: 65535 - group_name: '{{ eks_cluster_name }}-control-plane-sg' ports: 10250 proto: tcp
- name: Define selector set_fact: selectors: - labels: - key: test value: test namespace: fp-default
- name: Define the tags set_fact: tags: Foo: foo bar: Bar
- name: Create Fargate Profile a with wait amazon.cloud.eks_fargate_profile: fargate_profile_name: '{{ eks_fargate_profile_name_a }}' state: present cluster_name: '{{ eks_cluster_name }}' pod_execution_role_arn: '{{ _result_create_iam_role_fp.arn }}' subnets: "{{_result_create_subnets.results|selectattr('subnet.tags.Name', 'contains', 'private') | map(attribute='subnet.id') }}" selectors: '{{ selectors }}' wait: true tags: '{{ tags }}' register: _result_create_fp
- name: List Fargate Profiles amazon.cloud.eks_fargate_profile: state: list cluster_name: '{{ eks_cluster_name }}' register: _result_list_fp
- name: Update tags in Fargate Profile a with wait (check mode) amazon.cloud.eks_fargate_profile: fargate_profile_name: '{{ eks_fargate_profile_name_a }}' state: present cluster_name: '{{ eks_cluster_name }}' pod_execution_role_arn: '{{ _result_create_iam_role_fp.arn }}' subnets: "{{_result_create_subnets.results|selectattr('subnet.tags.Name', 'contains', 'private') | map(attribute='subnet.id') }}" selectors: '{{ selectors }}' wait: true tags: env: test test: foo check_mode: true register: _result_update_tags_fp
- name: Delete Fargate Profile a amazon.cloud.eks_fargate_profile: fargate_profile_name: '{{ eks_fargate_profile_name_a }}' cluster_name: '{{ eks_cluster_name }}' state: absent wait: true wait_timeout: 900 register: _result_delete_fp
tags: aliases: - resource_tags description: - A dict of tags to apply to the resource. - To remove all tags set I(tags={}) and I(purge_tags=true). type: dict wait: default: false description: - Wait for operation to complete before returning. type: bool force: default: false description: - Cancel IN_PROGRESS and PENDING resource requestes. - Because you can only perform a single operation on a given resource at a time, there might be cases where you need to cancel the current resource operation to make the resource available so that another operation may be performed on it. type: bool state: choices: - present - absent - list - describe - get default: present description: - Goal state for resource. - I(state=present) creates the resource if it doesn't exist, or updates to the provided state if the resource already exists. - I(state=absent) ensures an existing instance is deleted. - I(state=list) get all the existing resources. - I(state=describe) or I(state=get) retrieves information on an existing resource. type: str region: aliases: - aws_region - ec2_region description: - The AWS region to use. - For global services such as IAM, Route53 and CloudFront, I(region) is ignored. - The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used. - See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region). - The C(ec2_region) alias has been deprecated and will be removed in a release after 2024-12-01 - Support for the C(EC2_REGION) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str profile: aliases: - aws_profile description: - A named AWS profile to use for authentication. - See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html). - The C(AWS_PROFILE) environment variable may also be used. - The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key) and I(security_token) options. type: str subnets: description: - Not Provived. elements: str type: list selectors: description: - Not Provived. elements: dict suboptions: labels: description: - A key-value pair to associate with a pod. elements: dict suboptions: key: description: - The key name of the label. type: str value: description: - The value for the label. type: str type: list namespace: description: - Not Provived. type: str type: list access_key: aliases: - aws_access_key_id - aws_access_key - ec2_access_key description: - AWS access key ID. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables may also be used in decreasing order of preference. - The I(aws_access_key) and I(profile) options are mutually exclusive. - The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the AWS botocore SDK. - The I(ec2_access_key) alias has been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str aws_config: description: - A dictionary to modify the botocore configuration. - Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config). type: dict identifier: description: - For compound primary identifiers, to specify the primary identifier as a string, list each in the order that they are specified in the identifier list definition, separated by '|'. - For more details, visit U(https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/resource-identifier.html). type: str purge_tags: default: true description: - Remove tags not listed in I(tags). type: bool secret_key: aliases: - aws_secret_access_key - aws_secret_key - ec2_secret_key description: - AWS secret access key. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment variables may also be used in decreasing order of preference. - The I(secret_key) and I(profile) options are mutually exclusive. - The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with the AWS botocore SDK. - The I(ec2_secret_key) alias has been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str cluster_name: description: - Name of the Cluster. type: str endpoint_url: aliases: - ec2_url - aws_endpoint_url - s3_url description: - URL to connect to instead of the default AWS endpoints. While this can be used to connection to other AWS-compatible services the amazon.aws and community.aws collections are only tested against AWS. - The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing order of preference. - The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_URL) environment variable has been deprecated and will be removed in a release after 2024-12-01. type: str wait_timeout: default: 320 description: - How many seconds to wait for an operation to complete before timing out. type: int aws_ca_bundle: description: - The location of a CA Bundle to use when validating SSL certificates. - The C(AWS_CA_BUNDLE) environment variable may also be used. type: path session_token: aliases: - aws_session_token - security_token - aws_security_token - access_token description: - AWS STS session token for use with temporary credentials. - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). - The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment variables may also be used in decreasing order of preference. - The I(security_token) and I(profile) options are mutually exclusive. - Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with the parameter being renamed from I(security_token) to I(session_token) in release 6.0.0. - The I(security_token), I(aws_security_token), and I(access_token) aliases have been deprecated and will be removed in a release after 2024-12-01. - Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables has been deprecated and will be removed in a release after 2024-12-01. type: str validate_certs: default: true description: - When set to C(false), SSL certificates will not be validated for communication with the AWS APIs. - Setting I(validate_certs=false) is strongly discouraged, as an alternative, consider setting I(aws_ca_bundle) instead. type: bool fargate_profile_name: description: - Name of FargateProfile. type: str pod_execution_role_arn: description: - The IAM policy arn for pods. type: str debug_botocore_endpoint_logs: default: false description: - Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action") API calls made during a task, outputing the set to the resource_actions key in the task results. Use the C(aws_resource_action) callback to output to total list made during a playbook. - The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used. type: bool
result: contains: identifier: description: The unique identifier of the resource. type: str properties: description: The resource properties. type: dict description: - When I(state=list), it is a list containing dictionaries of resource information. - Otherwise, it is a dictionary of resource information. - When I(state=absent), it is an empty dictionary. returned: always type: complex