Aws waf region (#48953)

* Add waiter for AWSRegional * Add support for WAF Regional * Add support for regional waf web acl * Remove set_trace, pep formatting * Add paginator for regional_waf * Change name of param for waf_regional This is more in line with how AWS refers to the service. Additional changes made to how client is called. Used ternary to reduce if statements * Change parameter name to waf_regional * Add support for removal waf regional condition * Change parameter from cloudfront to waf_regional * Added state: absent waf rule * Remove set_trace * Add integration tests for waf regional * WIP: adding region parameter to tests * Add support for waf facts module * Add region to waf regional integration tests * Update security policy for waf regional testing * Add type to documentation for waf_regional param
2026-05-07 05:42:50 +00:00 · 2019-05-16 17:36:14 -07:00
parent 32620b7e00
commit c8e179fbf1
8 changed files with 758 additions and 28 deletions
--- a/lib/ansible/module_utils/aws/waf.py
+++ b/lib/ansible/module_utils/aws/waf.py
@@ -162,15 +162,38 @@ def list_rules_with_backoff(client):
    return paginator.paginate().build_full_result()['Rules']


+@AWSRetry.backoff(tries=5, delay=5, backoff=2.0)
+def list_regional_rules_with_backoff(client):
+    resp = client.list_rules()
+    rules = []
+    while resp:
+        rules += resp['Rules']
+        resp = client.list_rules(NextMarker=resp['NextMarker']) if 'NextMarker' in resp else None
+    return rules
+
+
@AWSRetry.backoff(tries=5, delay=5, backoff=2.0)
 def list_web_acls_with_backoff(client):
    paginator = client.get_paginator('list_web_acls')
    return paginator.paginate().build_full_result()['WebACLs']


+@AWSRetry.backoff(tries=5, delay=5, backoff=2.0)
+def list_regional_web_acls_with_backoff(client):
+    resp = client.list_web_acls()
+    acls = []
+    while resp:
+        acls += resp['WebACLs']
+        resp = client.list_web_acls(NextMarker=resp['NextMarker']) if 'NextMarker' in resp else None
+    return acls
+
+
 def list_web_acls(client, module):
    try:
-        return list_web_acls_with_backoff(client)
+        if client.__class__.__name__ == 'WAF':
+            return list_web_acls_with_backoff(client)
+        elif client.__class__.__name__ == 'WAFRegional':
+            return list_regional_web_acls_with_backoff(client)
    except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
        module.fail_json_aws(e, msg="Couldn't obtain web acls")

--- a/lib/ansible/module_utils/aws/waiters.py
+++ b/lib/ansible/module_utils/aws/waiters.py
@@ -305,6 +305,12 @@ waiters_by_name = {
        core_waiter.NormalizedOperationMethod(
            waf.get_change_token_status
        )),
+    ('WAFRegional', 'change_token_in_sync'): lambda waf: core_waiter.Waiter(
+        'change_token_in_sync',
+        waf_model('ChangeTokenInSync'),
+        core_waiter.NormalizedOperationMethod(
+            waf.get_change_token_status
+        )),
    ('EKS', 'cluster_active'): lambda eks: core_waiter.Waiter(
        'cluster_active',
        eks_model('ClusterActive'),