community.aws.aws_s3_bucket_info (4.3.0) — module

lists S3 buckets in AWS

Added in version 1.0.0 of community.aws

Authors: Gerben Geijteman (@hyperized)

Install collection

Install with ansible-galaxy collection install community.aws:==4.3.0


Add to requirements.yml

  # Pin the exact collection release so every install resolves to the same code.
  collections:
    - name: community.aws
      # Exact version; a range here would let newer releases in without review.
      version: 4.3.0

Description

Lists S3 buckets and details about those buckets.


Requirements

Usage examples

# Note: These examples do not set authentication details, see the AWS Guide for details.

# Note: Only AWS S3 is currently supported

# Lists all s3 buckets
# No name or name_filter is given, so no bucket-name filtering is applied.
- community.aws.aws_s3_bucket_info:
  # Keep the module's return value in `result` for later tasks.
  register: result
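# Retrieve detailed bucket information
- community.aws.aws_s3_bucket_info:
    # Show only buckets with name matching
    name_filter: your.testing
    # Choose facts to retrieve. Each enabled bucket_X fact is one more API call,
    # so enable only what the check needs. For a public-exposure review also
    # enable bucket_policy_status and public_access_block.
    bucket_facts:
      # bucket_accelerate_configuration: true
      bucket_acl: true
      bucket_cors: true
      bucket_encryption: true
      # bucket_lifecycle_configuration: true
      bucket_location: true
      # bucket_logging: true
      # bucket_notification_configuration: true
      # bucket_ownership_controls: true
      # bucket_policy: true
      # bucket_policy_status: true
      # bucket_replication: true
      # bucket_request_payment: true
      # bucket_tagging: true
      # bucket_website: true
      # public_access_block: true
    # Report us-east-1 instead of null for buckets in the default location.
    transform_location: true
  # register is a task keyword, so it sits at task level; nested under the
  # module it would be passed as a module option and nothing would be stored.
  register: result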
# Print out result
# NOTE(review): this reads result['buckets'], while the Outputs section names the
# return key bucket_list; confirm the key against the installed collection version.
# The output can include ACL grants, owner IDs and policy text when those facts
# are requested, so keep it out of shared or long-lived logs.
- name: List buckets
  ansible.builtin.debug:
    msg: "{{ result['buckets'] }}"

Inputs

    
name:
    default: ''
    description:
    - Name of bucket to query.
    type: str
    version_added: 1.4.0
    version_added_collection: community.aws

region:
    aliases:
    - aws_region
    - ec2_region
    description:
    - The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION
      environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
    type: str

ec2_url:
    aliases:
    - aws_endpoint_url
    - endpoint_url
    description:
    - URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will
      use EC2 endpoints). Ignored for modules where region is required. Must be specified
      for all other modules if region is not used. If not set then the value of the EC2_URL
      environment variable, if any, is used.
    type: str

profile:
    aliases:
    - aws_profile
    description:
    - Uses a boto profile. Only works with boto >= 2.24.0.
    - Using I(profile) will override I(aws_access_key), I(aws_secret_key) and I(security_token)
      and support for passing them at the same time as I(profile) has been deprecated.
    - I(aws_access_key), I(aws_secret_key) and I(security_token) will be made mutually
      exclusive with I(profile) after 2022-06-01.
    type: str

aws_config:
    description:
    - A dictionary to modify the botocore configuration.
    - Parameters can be found at U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
    - Only the 'user_agent' key is used for boto modules. See U(http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto)
      for more boto configuration.
    type: dict

name_filter:
    default: ''
    description:
    - Limits buckets to only buckets whose names contain the string in I(name_filter).
    type: str
    version_added: 1.4.0
    version_added_collection: community.aws

bucket_facts:
    description:
    - Retrieve requested detailed S3 bucket information.
    - Each bucket_X option executes one API call, hence many options being set to C(true)
      will cause slower module execution.
    - You can limit buckets by using the I(name) or I(name_filter) option.
    suboptions:
      bucket_accelerate_configuration:
        default: false
        description: Retrieve S3 accelerate configuration.
        type: bool
      bucket_acl:
        default: false
        description: Retrieve S3 bucket ACLs.
        type: bool
      bucket_cors:
        default: false
        description: Retrieve S3 bucket CORS configuration.
        type: bool
      bucket_encryption:
        default: false
        description: Retrieve S3 bucket encryption.
        type: bool
      bucket_lifecycle_configuration:
        default: false
        description: Retrieve S3 bucket lifecycle configuration.
        type: bool
      bucket_location:
        default: false
        description: Retrieve S3 bucket location.
        type: bool
      bucket_logging:
        default: false
        description: Retrieve S3 bucket logging.
        type: bool
      bucket_notification_configuration:
        default: false
        description: Retrieve S3 bucket notification configuration.
        type: bool
      bucket_ownership_controls:
        default: false
        description:
        - Retrieve S3 ownership controls.
        type: bool
      bucket_policy:
        default: false
        description: Retrieve S3 bucket policy.
        type: bool
      bucket_policy_status:
        default: false
        description: Retrieve S3 bucket policy status.
        type: bool
      bucket_replication:
        default: false
        description: Retrieve S3 bucket replication.
        type: bool
      bucket_request_payment:
        default: false
        description: Retrieve S3 bucket request payment.
        type: bool
      bucket_tagging:
        default: false
        description: Retrieve S3 bucket tagging.
        type: bool
      bucket_website:
        default: false
        description: Retrieve S3 bucket website.
        type: bool
      public_access_block:
        default: false
        description: Retrieve S3 bucket public access block.
        type: bool
    type: dict
    version_added: 1.4.0
    version_added_collection: community.aws

aws_ca_bundle:
    description:
    - The location of a CA Bundle to use when validating SSL certificates.
    - Only used for boto3 based modules.
    - 'Note: The CA Bundle is read ''module'' side and may need to be explicitly copied
      from the controller if not run locally.'
    type: path

aws_access_key:
    aliases:
    - ec2_access_key
    - access_key
    description:
    - AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY
      or EC2_ACCESS_KEY environment variable is used.
    - If I(profile) is set this parameter is ignored.
    - Passing the I(aws_access_key) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    type: str

aws_secret_key:
    aliases:
    - ec2_secret_key
    - secret_key
    description:
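    - AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY,
      or EC2_SECRET_KEY environment variable is used.
    - Do not store this value in plain text in a playbook or inventory; supply it through
      one of the environment variables above, I(profile), or an encrypted variable.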
    - If I(profile) is set this parameter is ignored.
    - Passing the I(aws_secret_key) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    type: str

security_token:
    aliases:
    - aws_security_token
    - access_token
    description:
    - AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN
      environment variable is used.
    - If I(profile) is set this parameter is ignored.
    - Passing the I(security_token) and I(profile) options at the same time has been deprecated
      and the options will be made mutually exclusive after 2022-06-01.
    type: str

validate_certs:
    default: true
    description:
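    - When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    - Leave validation enabled outside of isolated testing; without it the endpoint is
      not authenticated and the returned bucket data can be intercepted or altered in transit.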
    type: bool

transform_location:
    default: false
    description:
    - S3 bucket location for default us-east-1 is normally reported as C(null).
    - Setting this option to C(true) will return C(us-east-1) instead.
    - Affects only queries with I(bucket_facts=true) and I(bucket_location=true).
    type: bool
    version_added: 1.4.0
    version_added_collection: community.aws

debug_botocore_endpoint_logs:
    default: 'no'
    description:
    - Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action"
      API calls made during a task, outputting the set to the resource_actions key in the
      task results. Use the aws_resource_action callback to output the total list made
      during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also
      be used.
    type: bool

Outputs

bucket_list:
  contains:
    bucket_acl:
      contains:
        Grants:
          description: List of ACL grants.
          sample: []
          type: list
        Owner:
          contains:
            DisplayName:
              description: Bucket owner user display name.
              returned: always
              sample: username
              type: str
            ID:
              description: Bucket owner user ID.
              returned: always
              sample: 123894e509349etc
              type: str
          description: Bucket owner information.
          type: complex
      description: Bucket ACL configuration.
      returned: when I(bucket_facts=true) and I(bucket_acl=true)
      type: complex
    bucket_cors:
      contains:
        CORSRules:
          description: Bucket CORS configuration.
          returned: when CORS rules are defined for the bucket
          sample: []
          type: list
      description: Bucket CORS configuration.
      returned: when I(bucket_facts=true) and I(bucket_cors=true)
      type: complex
    bucket_encryption:
      contains:
        ServerSideEncryptionConfiguration:
          contains:
            Rules:
              description: List of applied encryption rules.
              returned: when encryption is enabled on the bucket
              sample:
                ApplyServerSideEncryptionByDefault:
                  SSEAlgorithm: AES256
                BucketKeyEnabled: false
              type: list
          description: ServerSideEncryptionConfiguration configuration.
          returned: when encryption is enabled on the bucket
          type: complex
      description: Bucket encryption configuration.
      returned: when I(bucket_facts=true) and I(bucket_encryption=true)
      type: complex
    bucket_lifecycle_configuration:
      contains:
        Rules:
          description: List of lifecycle management rules.
          returned: when lifecycle configuration is present
          sample:
          - ID: example-rule
            Status: Enabled
          type: list
      description: Bucket lifecycle configuration settings.
      returned: when I(bucket_facts=true) and I(bucket_lifecycle_configuration=true)
      type: complex
    bucket_location:
      contains:
        LocationConstraint:
          description: AWS region.
          returned: always
          sample: us-east-2
          type: str
      description: Bucket location.
      returned: when I(bucket_facts=true) and I(bucket_location=true)
      type: complex
    bucket_logging:
      contains:
        LoggingEnabled:
          contains:
            TargetBucket:
              description: Target bucket name.
              returned: always
              sample: logging-bucket-name
              type: str
            TargetPrefix:
              description: Prefix in target bucket.
              returned: always
              sample: ''
              type: str
          description: Server access logging configuration.
          returned: when server access logging is defined for the bucket
          type: complex
      description: Server access logging configuration.
      returned: when I(bucket_facts=true) and I(bucket_logging=true)
      type: complex
    bucket_name_filter:
      description: String used to limit buckets. See I(name_filter).
      returned: when I(name_filter) is defined
      sample: filter-by-this-string
      type: str
    bucket_notification_configuration:
      contains:
        TopicConfigurations:
          description: List of notification events configurations.
          returned: when at least one notification is configured
          sample: []
          type: list
      description: Bucket notification settings.
      returned: when I(bucket_facts=true) and I(bucket_notification_configuration=true)
      type: complex
    bucket_ownership_controls:
      contains:
        OwnershipControls:
          contains:
            Rules:
              description: List of ownership rules.
              returned: when ownership rule is defined
              sample:
              - ObjectOwnership: ObjectWriter
              type: list
          description: Object ownership settings.
          returned: when ownership controls are defined for the bucket
          type: complex
      description: Preferred object ownership settings.
      returned: when I(bucket_facts=true) and I(bucket_ownership_controls=true)
      type: complex
    bucket_policy:
      description: Bucket policy contents.
      returned: when I(bucket_facts=true) and I(bucket_policy=true)
      sample: '{"Version":"2012-10-17","Statement":[{"Sid":"AddCannedAcl","Effect":"Allow",..}}]}'
      type: str
    bucket_policy_status:
      contains:
        PolicyStatus:
          contains:
            IsPublic:
              description: Report bucket policy public status.
              returned: when bucket policy is present
              sample: true
              type: bool
          description: Status of bucket policy.
          returned: when bucket policy is present
          type: complex
      description: Status of bucket policy.
      returned: when I(bucket_facts=true) and I(bucket_policy_status=true)
      type: complex
    bucket_replication:
      contains:
        Role:
          description: IAM role used for replication.
          returned: when replication rule is defined
          sample: arn:aws:iam::123:role/example-role
          type: str
        Rules:
          description: List of replication rules.
          returned: when replication rule is defined
          sample:
          - Filter: '{}'
            ID: rule-1
          type: list
      description: Replication configuration settings.
      returned: when I(bucket_facts=true) and I(bucket_replication=true)
      type: complex
    bucket_request_payment:
      contains:
        Payer:
          description: Current payer.
          returned: always
          sample: BucketOwner
          type: str
      description: Requester pays setting.
      returned: when I(bucket_facts=true) and I(bucket_request_payment=true)
      type: complex
    bucket_tagging:
      description: Bucket tags.
      returned: when I(bucket_facts=true) and I(bucket_tagging=true)
      sample:
        Tag1: Value1
        Tag2: Value2
      type: dict
    bucket_website:
      contains:
        ErrorDocument:
          description: Object serving as HTTP error page.
          returned: when static website hosting is enabled
          sample:
            Key: error.html
          type: dict
        IndexDocument:
          description: Object serving as HTTP index page.
          returned: when static website hosting is enabled
          sample:
            Suffix: error.html
          type: dict
        RedirectAllRequestsTo:
          contains:
            HostName:
              description: Hostname to redirect.
              returned: always
              sample: www.example.com
              type: str
            Protocol:
              description: Protocol used for redirect.
              returned: always
              sample: https
              type: str
          description: Website redirect settings.
          returned: when redirect requests is configured
          type: complex
      description: Static website hosting.
      returned: when I(bucket_facts=true) and I(bucket_website=true)
      type: complex
    creation_date:
      description: Bucket creation date timestamp.
      returned: always
      sample: '2021-01-21T12:44:10+00:00'
      type: str
    name:
      description: Bucket name.
      returned: always
      sample: a-testing-bucket-name
      type: str
    public_access_block:
      contains:
        PublicAccessBlockConfiguration:
          contains:
            BlockPublicAcls:
              description: BlockPublicAcls setting value.
              sample: true
              type: bool
            BlockPublicPolicy:
              description: BlockPublicPolicy setting value.
              sample: true
              type: bool
            IgnorePublicAcls:
              description: IgnorePublicAcls setting value.
              sample: true
              type: bool
            RestrictPublicBuckets:
              description: RestrictPublicBuckets setting value.
              sample: true
              type: bool
          description: PublicAccessBlockConfiguration data.
          returned: when PublicAccessBlockConfiguration is defined for the bucket
          type: complex
      description: Bucket public access block configuration.
      returned: when I(bucket_facts=true) and I(public_access_block=true)
      type: complex
  description: List of buckets
  returned: always
  type: complex