community.aws.s3_bucket_info (5.1.0) — module

Lists S3 buckets in AWS

Added in version 1.0.0 of community.aws

Authors: Gerben Geijteman (@hyperized)

Install collection

Install with ansible-galaxy collection install community.aws:==5.1.0


Add to requirements.yml

  collections:
    - name: community.aws
      version: 5.1.0

Description

Lists S3 buckets and details about those buckets.

Prior to release 5.0.0 this module was called C(community.aws.aws_s3_bucket_info). The usage did not change.


Requirements

Usage examples

# Note: These examples do not set authentication details, see the AWS Guide for details.

# Note: Only AWS S3 is currently supported

# Lists all S3 buckets
- community.aws.s3_bucket_info:
  register: result
# Retrieve detailed bucket information
- community.aws.s3_bucket_info:
    # Show only buckets with name matching
    name_filter: your.testing
    # Choose facts to retrieve
    bucket_facts:
      # bucket_accelerate_configuration: true
      bucket_acl: true
      bucket_cors: true
      bucket_encryption: true
      # bucket_lifecycle_configuration: true
      bucket_location: true
      # bucket_logging: true
      # bucket_notification_configuration: true
      # bucket_ownership_controls: true
      # bucket_policy: true
      # bucket_policy_status: true
      # bucket_replication: true
      # bucket_request_payment: true
      # bucket_tagging: true
      # bucket_website: true
      # public_access_block: true
    transform_location: true
  register: result
# Print out result
- name: List buckets
  ansible.builtin.debug:
    msg: "{{ result['buckets'] }}"
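
The play below is an added example, not part of the module documentation: it requests only the exposure-related facts and fails the run when a bucket misses a baseline built from the output fields documented under Outputs. The baseline itself, the play layout and the reuse of the `your.testing` filter are assumptions for illustration, and the `buckets` result key follows the usage example above.

```yaml
# Added example: baseline gate built on the documented return structure.
- name: Gate on S3 bucket exposure settings
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Collect only the facts the baseline needs (one API call per fact per bucket)
      community.aws.s3_bucket_info:
        name_filter: your.testing  # filter value reused from the usage example
        bucket_facts:
          bucket_encryption: true
          bucket_policy_status: true
          public_access_block: true
      register: result

    - name: Check every bucket against the baseline
      ansible.builtin.assert:
        that:
          # All four bucket-level public access block settings must be true.
          - pab.BlockPublicAcls | default(false)
          - pab.BlockPublicPolicy | default(false)
          - pab.IgnorePublicAcls | default(false)
          - pab.RestrictPublicBuckets | default(false)
          # A bucket policy, when present, must not be reported as public.
          - not (policy_status.IsPublic | default(false))
          # At least one default-encryption rule must be reported.
          - enc_rules | length > 0
        fail_msg: "{{ item.name }} does not meet the S3 exposure baseline"
        quiet: true
      # Assumption: the bucket list is under 'buckets', as in the usage example.
      loop: "{{ result['buckets'] }}"
      loop_control:
        label: "{{ item.name }}"
      vars:
        # A fact that is absent or empty is treated as "not configured".
        pab: "{{ (item.public_access_block | default({})).PublicAccessBlockConfiguration | default({}) }}"
        policy_status: "{{ (item.bucket_policy_status | default({})).PolicyStatus | default({}) }}"
        enc_rules: "{{ ((item.bucket_encryption | default({})).ServerSideEncryptionConfiguration | default({})).Rules | default([]) }}"
```

The assertion evaluates every bucket before the task fails, so one run lists all non-compliant buckets. It reads only the bucket-level settings this module returns.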

Inputs

    
name:
    default: ''
    description:
    - Name of bucket to query.
    type: str
    version_added: 1.4.0
    version_added_collection: community.aws

region:
    aliases:
    - aws_region
    - ec2_region
    description:
    - The AWS region to use.
    - For global services such as IAM, Route53 and CloudFront, I(region) is ignored.
    - The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used.
    - See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region).
    - The C(ec2_region) alias has been deprecated and will be removed in a release after
      2024-12-01
    - Support for the C(EC2_REGION) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

profile:
    aliases:
    - aws_profile
    description:
    - A named AWS profile to use for authentication.
    - See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html).
    - The C(AWS_PROFILE) environment variable may also be used.
    - The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key)
      and I(security_token) options.
    type: str

access_key:
    aliases:
    - aws_access_key_id
    - aws_access_key
    - ec2_access_key
    description:
    - AWS access key ID.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables
      may also be used in decreasing order of preference.
    - The I(aws_access_key) and I(profile) options are mutually exclusive.
    - The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the
      AWS botocore SDK.
    - The I(ec2_access_key) alias has been deprecated and will be removed in a release
      after 2024-12-01.
    - Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

aws_config:
    description:
    - A dictionary to modify the botocore configuration.
    - Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
    type: dict

secret_key:
    aliases:
    - aws_secret_access_key
    - aws_secret_key
    - ec2_secret_key
    description:
    - AWS secret access key.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment
      variables may also be used in decreasing order of preference.
    - The I(secret_key) and I(profile) options are mutually exclusive.
    - The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with
      the AWS botocore SDK.
    - The I(ec2_secret_key) alias has been deprecated and will be removed in a release
      after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will
      be removed in a release after 2024-12-01.
    type: str

name_filter:
    default: ''
    description:
    - Limits buckets to only buckets whose names contain the string in I(name_filter).
    type: str
    version_added: 1.4.0
    version_added_collection: community.aws

bucket_facts:
    description:
    - Retrieve requested S3 bucket detailed information.
    - Each bucket_X option executes one API call, hence many options being set to C(true)
      will cause slower module execution.
    - You can limit buckets by using the I(name) or I(name_filter) option.
    suboptions:
      bucket_accelerate_configuration:
        default: false
        description: Retrieve S3 accelerate configuration.
        type: bool
      bucket_acl:
        default: false
        description: Retrieve S3 bucket ACLs.
        type: bool
      bucket_cors:
        default: false
        description: Retrieve S3 bucket CORS configuration.
        type: bool
      bucket_encryption:
        default: false
        description: Retrieve S3 bucket encryption.
        type: bool
      bucket_lifecycle_configuration:
        default: false
        description: Retrieve S3 bucket lifecycle configuration.
        type: bool
      bucket_location:
        default: false
        description: Retrieve S3 bucket location.
        type: bool
      bucket_logging:
        default: false
        description: Retrieve S3 bucket logging.
        type: bool
      bucket_notification_configuration:
        default: false
        description: Retrieve S3 bucket notification configuration.
        type: bool
      bucket_ownership_controls:
        default: false
        description:
        - Retrieve S3 ownership controls.
        type: bool
      bucket_policy:
        default: false
        description: Retrieve S3 bucket policy.
        type: bool
      bucket_policy_status:
        default: false
        description: Retrieve S3 bucket policy status.
        type: bool
      bucket_replication:
        default: false
        description: Retrieve S3 bucket replication.
        type: bool
      bucket_request_payment:
        default: false
        description: Retrieve S3 bucket request payment.
        type: bool
      bucket_tagging:
        default: false
        description: Retrieve S3 bucket tagging.
        type: bool
      bucket_website:
        default: false
        description: Retrieve S3 bucket website.
        type: bool
      public_access_block:
        default: false
        description: Retrieve S3 bucket public access block.
        type: bool
    type: dict
    version_added: 1.4.0
    version_added_collection: community.aws

endpoint_url:
    aliases:
    - ec2_url
    - aws_endpoint_url
    - s3_url
    description:
    - URL to connect to instead of the default AWS endpoints.  While this can be used
      to connect to other AWS-compatible services, the amazon.aws and community.aws
      collections are only tested against AWS.
    - The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing
      order of preference.
    - The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in
      a release after 2024-12-01.
    - Support for the C(EC2_URL) environment variable has been deprecated and will be
      removed in a release after 2024-12-01.
    type: str

aws_ca_bundle:
    description:
    - The location of a CA Bundle to use when validating SSL certificates.
    - The C(AWS_CA_BUNDLE) environment variable may also be used.
    type: path

session_token:
    aliases:
    - aws_session_token
    - security_token
    - aws_security_token
    - access_token
    description:
    - AWS STS session token for use with temporary credentials.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment
      variables may also be used in decreasing order of preference.
    - The I(security_token) and I(profile) options are mutually exclusive.
    - Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with
      the parameter being renamed from I(security_token) to I(session_token) in release
      6.0.0.
    - The I(security_token), I(aws_security_token), and I(access_token) aliases have been
      deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables
      has been deprecated and will be removed in a release after 2024-12-01.
    type: str

validate_certs:
    default: true
    description:
    - When set to C(false), SSL certificates will not be validated for communication with
      the AWS APIs.
    - Setting I(validate_certs=false) is strongly discouraged; as an alternative, consider
      setting I(aws_ca_bundle) instead.
    type: bool

transform_location:
    default: false
    description:
    - S3 bucket location for default us-east-1 is normally reported as C(null).
    - Setting this option to C(true) will return C(us-east-1) instead.
    - Affects only queries with I(bucket_facts=true) and I(bucket_location=true).
    type: bool
    version_added: 1.4.0
    version_added_collection: community.aws

debug_botocore_endpoint_logs:
    default: false
    description:
    - Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action")
      API calls made during a task, outputting the set to the resource_actions key in the
      task results. Use the C(aws_resource_action) callback to output the total list made
      during a playbook.
    - The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used.
    type: bool

Outputs

bucket_list:
  contains:
    bucket_acl:
      contains:
        Grants:
          description: List of ACL grants.
          sample: []
          type: list
        Owner:
          contains:
            DisplayName:
              description: Bucket owner user display name.
              returned: always
              sample: username
              type: str
            ID:
              description: Bucket owner user ID.
              returned: always
              sample: 123894e509349etc
              type: str
          description: Bucket owner information.
          type: complex
      description: Bucket ACL configuration.
      returned: when I(bucket_facts=true) and I(bucket_acl=true)
      type: complex
    bucket_cors:
      contains:
        CORSRules:
          description: Bucket CORS configuration.
          returned: when CORS rules are defined for the bucket
          sample: []
          type: list
      description: Bucket CORS configuration.
      returned: when I(bucket_facts=true) and I(bucket_cors=true)
      type: complex
    bucket_encryption:
      contains:
        ServerSideEncryptionConfiguration:
          contains:
            Rules:
              description: List of applied encryption rules.
              returned: when encryption is enabled on the bucket
              sample:
                ApplyServerSideEncryptionByDefault:
                  SSEAlgorithm: AES256
                BucketKeyEnabled: false
              type: list
          description: ServerSideEncryptionConfiguration configuration.
          returned: when encryption is enabled on the bucket
          type: complex
      description: Bucket encryption configuration.
      returned: when I(bucket_facts=true) and I(bucket_encryption=true)
      type: complex
    bucket_lifecycle_configuration:
      contains:
        Rules:
          description: List of lifecycle management rules.
          returned: when lifecycle configuration is present
          sample:
          - ID: example-rule
            Status: Enabled
          type: list
      description: Bucket lifecycle configuration settings.
      returned: when I(bucket_facts=true) and I(bucket_lifecycle_configuration=true)
      type: complex
    bucket_location:
      contains:
        LocationConstraint:
          description: AWS region.
          returned: always
          sample: us-east-2
          type: str
      description: Bucket location.
      returned: when I(bucket_facts=true) and I(bucket_location=true)
      type: complex
    bucket_logging:
      contains:
        LoggingEnabled:
          contains:
            TargetBucket:
              description: Target bucket name.
              returned: always
              sample: logging-bucket-name
              type: str
            TargetPrefix:
              description: Prefix in target bucket.
              returned: always
              sample: ''
              type: str
          description: Server access logging configuration.
          returned: when server access logging is defined for the bucket
          type: complex
      description: Server access logging configuration.
      returned: when I(bucket_facts=true) and I(bucket_logging=true)
      type: complex
    bucket_name_filter:
      description: String used to limit buckets. See I(name_filter).
      returned: when I(name_filter) is defined
      sample: filter-by-this-string
      type: str
    bucket_notification_configuration:
      contains:
        TopicConfigurations:
          description: List of notification events configurations.
          returned: when at least one notification is configured
          sample: []
          type: list
      description: Bucket notification settings.
      returned: when I(bucket_facts=true) and I(bucket_notification_configuration=true)
      type: complex
    bucket_ownership_controls:
      contains:
        OwnershipControls:
          contains:
            Rules:
              description: List of ownership rules.
              returned: when ownership rule is defined
              sample:
              - ObjectOwnership: ObjectWriter
              type: list
          description: Object ownership settings.
          returned: when ownership controls are defined for the bucket
          type: complex
      description: Preferred object ownership settings.
      returned: when I(bucket_facts=true) and I(bucket_ownership_controls=true)
      type: complex
    bucket_policy:
      description: Bucket policy contents.
      returned: when I(bucket_facts=true) and I(bucket_policy=true)
      sample: '{"Version":"2012-10-17","Statement":[{"Sid":"AddCannedAcl","Effect":"Allow",..}}]}'
      type: str
    bucket_policy_status:
      contains:
        PolicyStatus:
          contains:
            IsPublic:
              description: Report bucket policy public status.
              returned: when bucket policy is present
              sample: true
              type: bool
          description: Status of bucket policy.
          returned: when bucket policy is present
          type: complex
      description: Status of bucket policy.
      returned: when I(bucket_facts=true) and I(bucket_policy_status=true)
      type: complex
    bucket_replication:
      contains:
        Role:
          description: IAM role used for replication.
          returned: when replication rule is defined
          sample: arn:aws:iam::123:role/example-role
          type: str
        Rules:
          description: List of replication rules.
          returned: when replication rule is defined
          sample:
          - Filter: '{}'
            ID: rule-1
          type: list
      description: Replication configuration settings.
      returned: when I(bucket_facts=true) and I(bucket_replication=true)
      type: complex
    bucket_request_payment:
      contains:
        Payer:
          description: Current payer.
          returned: always
          sample: BucketOwner
          type: str
      description: Requester pays setting.
      returned: when I(bucket_facts=true) and I(bucket_request_payment=true)
      type: complex
    bucket_tagging:
      description: Bucket tags.
      returned: when I(bucket_facts=true) and I(bucket_tagging=true)
      sample:
        Tag1: Value1
        Tag2: Value2
      type: dict
    bucket_website:
      contains:
        ErrorDocument:
          description: Object serving as HTTP error page.
          returned: when static website hosting is enabled
          sample:
            Key: error.html
          type: dict
        IndexDocument:
          description: Object serving as HTTP index page.
          returned: when static website hosting is enabled
          sample:
            Suffix: error.html
          type: dict
        RedirectAllRequestsTo:
          contains:
            HostName:
              description: Hostname to redirect.
              returned: always
              sample: www.example.com
              type: str
            Protocol:
              description: Protocol used for redirect.
              returned: always
              sample: https
              type: str
          description: Website redirect settings.
          returned: when redirect requests is configured
          type: complex
      description: Static website hosting.
      returned: when I(bucket_facts=true) and I(bucket_website=true)
      type: complex
    creation_date:
      description: Bucket creation date timestamp.
      returned: always
      sample: '2021-01-21T12:44:10+00:00'
      type: str
    name:
      description: Bucket name.
      returned: always
      sample: a-testing-bucket-name
      type: str
    public_access_block:
      contains:
        PublicAccessBlockConfiguration:
          contains:
            BlockPublicAcls:
              description: BlockPublicAcls setting value.
              sample: true
              type: bool
            BlockPublicPolicy:
              description: BlockPublicPolicy setting value.
              sample: true
              type: bool
            IgnorePublicAcls:
              description: IgnorePublicAcls setting value.
              sample: true
              type: bool
            RestrictPublicBuckets:
              description: RestrictPublicBuckets setting value.
              sample: true
              type: bool
          description: PublicAccessBlockConfiguration data.
          returned: when PublicAccessBlockConfiguration is defined for the bucket
          type: complex
      description: Bucket public access block configuration.
      returned: when I(bucket_facts=true) and I(public_access_block=true)
      type: complex
  description: List of buckets
  returned: always
  type: complex