diff options
| author | Matthew Davis <Matthew.Davis.2@team.telstra.com> | 2019-11-05 19:57:08 +0100 |
|---|---|---|
| committer | Jill R <4121322+jillr@users.noreply.github.com> | 2019-11-05 19:57:08 +0100 |
| commit | 4ee9f40e6230bf9068ff3d6fad24de71929ad458 (patch) | |
| tree | f1160f3ce860fc3c00fdf1c1101ce38c72517443 /hacking | |
| parent | Remove empty overridden unittest.setUp and unittest.tearDown methods. (diff) | |
| download | ansible-4ee9f40e6230bf9068ff3d6fad24de71929ad458.tar.xz ansible-4ee9f40e6230bf9068ff3d6fad24de71929ad458.zip | |
Add aws_acm module (#60552)
* convert aws_acm_facts to AnsibleAWSModule
* factor aws_acm_facts into module_utils
* add more filtering options for aws_acm_info
* add aws_acm module and tests
* uncomment aws_acm test
* fix linting for aws_acm
* fix __future__ linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix linting for aws_acm
* fix aws_acm_info arg type
* remove test for old module name aws_acm_facts
* simplify AWS ACM client creation
* fix indent typo in aws_acm test
* catch BotoCoreError in aws_acm
* fix indent typo in aws_acm test
* tighten AWS ACM test policy resource
* move aws acm int test to venv
* remove errant file
* fix AWS ACM int test perms
* undo copyright addition to wrong file
* fix invalid log message in aws_acm
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rephrase aws_acm_info doc from facts to information
Co-Authored-By: Jill R <4121322+jillr@users.noreply.github.com>
* rename aws_facts var to aws_info
* remove case insensitivity for aws_acm pem compare
* add no_log for aws_acm credential setting
* add per-test prefix to aws_acm test resource names
* make aws_acm use crypto module_util
* clarify copyright for aws_acm
* make aws_acm int test clearer
* add explicit crypto dependency to aws_acm
* change requests for aws_acm pr
* fix wrong copyright owner aws_acm test
* fix wrong copyright owner aws_acm test
* rewrite aws_acm cert chain compare with regex, no dependency
* fix linting for aws_acm unit test
* fix linting for aws_acm unit test
* fix linting and duplicate ignore
* fix failed cert chain split in aws_acm, add more tests
* remove errant file
* more linting fixes for aws_acm
* fix sanity ignore
* rewrite cert compare in aws_acm to use base64 decode
* improve regex for pem cert chain split in aws_acm
* undo changes to crypto module util for aws_acm
* increment ansible version for new aws_acm module
* convert aws_acm return(x) to return x
* increment version added for aws_acm_info new features
* fix linting
* fix bugs with AWS ACM
* fix bad rebase
* disable AWS ACM integration test, due to AWS account limit issue
* remove aws acm integration test from shippable group
Diffstat (limited to 'hacking')
| -rw-r--r-- | hacking/aws_config/testing_policies/security-policy.json | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/hacking/aws_config/testing_policies/security-policy.json b/hacking/aws_config/testing_policies/security-policy.json index e38842ef55..f0d0768a7a 100644 --- a/hacking/aws_config/testing_policies/security-policy.json +++ b/hacking/aws_config/testing_policies/security-policy.json @@ -195,6 +195,31 @@ "arn:aws:iam::{{ aws_account }}:user/ansible-test*", "arn:aws:iam::{{ aws_account }}:group/ansible-test*" ] + }, + { + "Sid": "AllowAccessToACMRestrictable", + "Effect": "Allow", + "Action": [ + "acm:ImportCertificate", + "acm:DescribeCertificate", + "acm:GetCertificate", + "acm:AddTagsToCertificate", + "acm:DeleteCertificate" + ], + "Resource": [ + "arn:aws:acm:{{aws_region}}:{{aws_account}}:certificate/*" + ] + }, + { + "Sid": "AllowAccessToACMUnrestrictable", + "Effect": "Allow", + "Action": [ + "acm:ListCertificates", + "acm:ListTagsForCertificate" + ], + "Resource": [ + "*" + ] } ] } |