From 4749b75090216691eca3a764c14720e1415edcd1 Mon Sep 17 00:00:00 2001 From: Sloane Hertel Date: Fri, 17 Mar 2017 16:26:49 -0400 Subject: [PATCH] [cloud] ec2_eni: don't modify a network interface without eni_id - fixes #22401 (#22689) * don't modify an eni without eni_id fix pep8 remove ec2_eni from pep8 legacy files remove a couple unused variables in main() fix the documentation * fix yaml --- lib/ansible/modules/cloud/amazon/ec2_eni.py | 61 +++++++++++++-------- test/sanity/pep8/legacy-files.txt | 1 - 2 files changed, 39 insertions(+), 23 deletions(-) diff --git a/lib/ansible/modules/cloud/amazon/ec2_eni.py b/lib/ansible/modules/cloud/amazon/ec2_eni.py index 2f2c8b57c2..dbc136f8ba 100644 --- a/lib/ansible/modules/cloud/amazon/ec2_eni.py +++ b/lib/ansible/modules/cloud/amazon/ec2_eni.py @@ -23,21 +23,21 @@ DOCUMENTATION = ''' module: ec2_eni short_description: Create and optionally attach an Elastic Network Interface (ENI) to an instance description: - - Create and optionally attach an Elastic Network Interface (ENI) to an instance. If an ENI ID or private_ip is \ - provided, the existing ENI (if any) will be modified. The 'attached' parameter controls the attachment status \ + - Create and optionally attach an Elastic Network Interface (ENI) to an instance. If an ENI ID or private_ip is + provided, the existing ENI (if any) will be modified. The 'attached' parameter controls the attachment status of the network interface. version_added: "2.0" author: "Rob White (@wimnat)" options: eni_id: description: - - The ID of the ENI + - The ID of the ENI (to modify); if null and state is present, a new eni will be created. required: false default: null instance_id: description: - - Instance ID that you wish to attach ENI to. Since version 2.2, use the 'attached' parameter to attach or \ - detach an ENI. Prior to 2.2, to detach an ENI from an instance, use 'None'. + - Instance ID that you wish to attach ENI to. Since version 2.2, use the 'attached' parameter to attach or + detach an ENI. Prior to 2.2, to detach an ENI from an instance, use 'None'. required: false default: null private_ip_address: @@ -56,8 +56,8 @@ options: default: null security_groups: description: - - List of security groups associated with the interface. Only used when state=present. Since version 2.2, you \ - can specify security groups by ID or by name or a combination of both. Prior to 2.2, you can specify only by ID. + - List of security groups associated with the interface. Only used when state=present. Since version 2.2, you + can specify security groups by ID or by name or a combination of both. Prior to 2.2, you can specify only by ID. required: false default: null state: @@ -73,27 +73,31 @@ options: default: 0 attached: description: - - Specifies if network interface should be attached or detached from instance. If ommited, attachment status \ - won't change + - Specifies if network interface should be attached or detached from instance. If ommited, attachment status + won't change required: false default: yes version_added: 2.2 force_detach: description: - - Force detachment of the interface. This applies either when explicitly detaching the interface by setting instance_id to None or when deleting an interface with state=absent. + - Force detachment of the interface. This applies either when explicitly detaching the interface by setting instance_id + to None or when deleting an interface with state=absent. required: false default: no delete_on_termination: description: - - Delete the interface when the instance it is attached to is terminated. You can only specify this flag when the interface is being modified, not on creation. + - Delete the interface when the instance it is attached to is terminated. You can only specify this flag when the + interface is being modified, not on creation. required: false source_dest_check: description: - - By default, interfaces perform source/destination checks. NAT instances however need this check to be disabled. You can only specify this flag when the interface is being modified, not on creation. + - By default, interfaces perform source/destination checks. NAT instances however need this check to be disabled. + You can only specify this flag when the interface is being modified, not on creation. required: false secondary_private_ip_addresses: description: - - A list of IP addresses to assign as secondary IP addresses to the network interface. This option is mutually exclusive of secondary_private_ip_address_count + - A list of IP addresses to assign as secondary IP addresses to the network interface. + This option is mutually exclusive of secondary_private_ip_address_count required: false version_added: 2.2 secondary_private_ip_address_count: @@ -248,8 +252,8 @@ except ImportError: from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.ec2 import (AnsibleAWSError, connect_to_aws, - ec2_argument_spec, get_aws_connection_info, - get_ec2_security_group_ids_from_names) + ec2_argument_spec, get_aws_connection_info, + get_ec2_security_group_ids_from_names) def get_eni_info(interface): @@ -257,7 +261,7 @@ def get_eni_info(interface): # Private addresses private_addresses = [] for ip in interface.private_ip_addresses: - private_addresses.append({ 'private_ip_address': ip.private_ip_address, 'primary_address': ip.primary }) + private_addresses.append({'private_ip_address': ip.private_ip_address, 'primary_address': ip.primary}) interface_info = {'id': interface.id, 'subnet_id': interface.subnet_id, @@ -387,18 +391,30 @@ def modify_eni(connection, vpc_id, module, eni): if secondary_private_ip_addresses is not None: secondary_addresses_to_remove = list(set(current_secondary_addresses) - set(secondary_private_ip_addresses)) if secondary_addresses_to_remove: - connection.unassign_private_ip_addresses(network_interface_id=eni.id, private_ip_addresses=list(set(current_secondary_addresses) - set(secondary_private_ip_addresses)), dry_run=False) - connection.assign_private_ip_addresses(network_interface_id=eni.id, private_ip_addresses=secondary_private_ip_addresses, secondary_private_ip_address_count=None, allow_reassignment=False, dry_run=False) + connection.unassign_private_ip_addresses(network_interface_id=eni.id, + private_ip_addresses=list(set(current_secondary_addresses) - + set(secondary_private_ip_addresses)), + dry_run=False) + connection.assign_private_ip_addresses(network_interface_id=eni.id, + private_ip_addresses=secondary_private_ip_addresses, + secondary_private_ip_address_count=None, + allow_reassignment=False, dry_run=False) if secondary_private_ip_address_count is not None: current_secondary_address_count = len(current_secondary_addresses) if secondary_private_ip_address_count > current_secondary_address_count: - connection.assign_private_ip_addresses(network_interface_id=eni.id, private_ip_addresses=None, secondary_private_ip_address_count=(secondary_private_ip_address_count - current_secondary_address_count), allow_reassignment=False, dry_run=False) + connection.assign_private_ip_addresses(network_interface_id=eni.id, + private_ip_addresses=None, + secondary_private_ip_address_count=(secondary_private_ip_address_count - + current_secondary_address_count), + allow_reassignment=False, dry_run=False) changed = True elif secondary_private_ip_address_count < current_secondary_address_count: # How many of these addresses do we want to remove secondary_addresses_to_remove_count = current_secondary_address_count - secondary_private_ip_address_count - connection.unassign_private_ip_addresses(network_interface_id=eni.id, private_ip_addresses=current_secondary_addresses[:secondary_addresses_to_remove_count], dry_run=False) + connection.unassign_private_ip_addresses(network_interface_id=eni.id, + private_ip_addresses=current_secondary_addresses[:secondary_addresses_to_remove_count], + dry_run=False) if attached is True: if eni.attachment and eni.attachment.instance_id != instance_id: @@ -467,6 +483,9 @@ def find_eni(connection, module): instance_id = module.params.get('instance_id') device_index = module.params.get('device_index') + if not eni_id: + return None + try: filters = {} if subnet_id: @@ -556,8 +575,6 @@ def main(): module.fail_json(msg="region must be specified") state = module.params.get("state") - eni_id = module.params.get("eni_id") - private_ip_address = module.params.get('private_ip_address') if state == 'present': subnet_id = module.params.get("subnet_id") diff --git a/test/sanity/pep8/legacy-files.txt b/test/sanity/pep8/legacy-files.txt index 8ea9438f0e..485587682f 100644 --- a/test/sanity/pep8/legacy-files.txt +++ b/test/sanity/pep8/legacy-files.txt @@ -26,7 +26,6 @@ lib/ansible/modules/cloud/amazon/ec2_asg.py lib/ansible/modules/cloud/amazon/ec2_asg_facts.py lib/ansible/modules/cloud/amazon/ec2_customer_gateway.py lib/ansible/modules/cloud/amazon/ec2_elb.py -lib/ansible/modules/cloud/amazon/ec2_eni.py lib/ansible/modules/cloud/amazon/ec2_eni_facts.py lib/ansible/modules/cloud/amazon/ec2_lc.py lib/ansible/modules/cloud/amazon/ec2_metric_alarm.py