amazon.aws 9.2.0

Release Summary

This release includes a new module route53_key_signing_key, bug fixes, minor changes, and linting corrections across multiple modules.

Minor Changes

• autoscaling_group - avoid assignment to unused variable in except block (#2464).
• ec2_ami - avoid redefining delete_snapshot inside DeregisterImage.do (#2444).
• ec2_transit_gateway - avoid assignment to unused retry_decorator variable (#2464).
• ec2_vpc_egress_igw - avoid assignment to unused vpc_id variable (#2464).
• ec2_vpc_nacl - avoid assignment to unused result variable (#2464).
• ec2_vpc_vpn - minor linting fixups (#2444).
• iam_password_policy - avoid assignment to unused variable in except block (#2464).
• iam_role - avoid assignment to unused variable in except block (#2464).
• inventory/aws_ec2 - Support jinja2 expression in hostnames variable(#2402).
• kms_key - avoid assignment to unused variable in except block (#2464).
• lambda - avoid assignment to unused architecture variable (#2464).
• lambda - avoid assignment to unused required_by variable (#2464).
• module_utils._s3 - explicitly cast super to the parent type (#2497).
• module_utils.botocore - avoid assigning unused parts of exc_info return (#2497).
• module_utils.exceptions - avoid assigning unused parts of exc_info return (#2497).
• module_utils.iam - avoid assignment to unused result variable (#2464).
• module_utils.s3 - avoid assignment to unused endpoint variable (#2464).
• plugin_utils/inventory - Add filters to list of templatable inventory options (#2379)
• route53 - Add support for type SSHFP records (#2430).
• route53_zone - Add support for enabling DNSSEC signing in a specific hosted zone (#1976).
• route53_zone - avoid assignmenta to unused current_vpc_ids and current_vpc_regions variables (#2464).
• s3_bucket - avoid assignment to unused variable in except block (#2464).
• s3_bucket - avoid redefining id inside handle_bucket_inventory and delete_bucket_inventory (#2444).
• s3_object - avoid redefining key_check inside _head_object (#2444).
• s3_object - simplify path_check logic (#2444).
• s3_object - use the copy rather than copy_object method when performing an S3 to S3 copy (#2117).
• s3_object_info - add support to list objects under a specific prefix (#2477).
• s3_object_info - avoid assignment to unused variable in except block (#2464).

Bugfixes

• ec2_instance - Fix issue where EC2 instance module failed to apply security groups when both network and vpc_subnet_id` were specified, caused by passing None to discover_security_groups() (#2488).
• ec2_vpc_nacl_info - Fix failure when listing NetworkACLs and no ACLs are found (#2425).
• iam_access_key - add missing requirements checks (#2465).
• module_utils.botocore - fixed type aliasing (#2497).
• plugin_utils.botocore - fixed type aliasing (#2497).
• s3_bucket - Do not use default region as location constraint when creating bucket on ceph cluster (#2420).

New Modules

• route53_key_signing_key - Manages a key-signing key (KSK)

amazon.aws 8.2.3

Release Summary

This release includes bugfixes for the ec2_instance and s3_bucket modules.

Bugfixes

• ec2_instance - Fix issue where EC2 instance module failed to apply security groups when both network and vpc_subnet_id` were specified, caused by passing None to discover_security_groups() (#2488).
• s3_bucket - Do not use default region as location constraint when creating bucket on ceph cluster (#2420).

amazon.aws 8.2.2

Release Summary

This release includes bugfixes for the aws_ec2 inventory plugin and the cloudformation, ec2_security_group, ec2_vol, ec2_vpc_net, lambda, rds_cluster, and s3_bucket modules.

Bugfixes

• aws_ec2 - fix SSM inventory collection for multiple (>40) hosts (#2227).
• cloudformation - Fix bug where termination protection is not updated when create_changeset=true is used for stack updates (#2391).
• ec2_security_group - Fix the diff mode issue when creating a security group containing a rule with a managed prefix list (#2373).
• ec2_vol - output volume informations when volume exists in check mode (#2133).
• ec2_vpc_net - handle ipv6_cidr false and no Ipv6CidrBlockAssociationSet in vpc (#2374).
• lambda - Remove non UTF-8 data (contents of Lambda ZIP file) from the module output to avoid Ansible error (#2386).
• rds_cluster - Fix issue occurring when updating RDS cluster domain (#2390).
• s3_bucket - Fixes Python 3.7 compilation issue due to addition of typing information (#2287).

amazon.aws 9.1.1

Release Summary

This release includes bug fixes for the cloudformation, ec2_security_group, lambda, rds_cluster, and ec2_vpc_net modules as well as one for the ec2 module_util.

Bugfixes

• cloudformation - Fix bug where termination protection is not updated when create_changeset=true is used for stack updates (#2391).
• ec2_security_group - Fix the diff mode issue when creating a security group containing a rule with a managed prefix list (#2373).
• ec2_vpc_net - handle ipv6_cidr false and no Ipv6CidrBlockAssociationSet in vpc (#2374).
• lambda - Remove non UTF-8 data (contents of Lambda ZIP file) from the module output to avoid Ansible error (#2386).
• module_utils/ec2 - catch error code InvalidElasticIpID.NotFound on function create_nat_gateway(), sometimes the allocate_address API calls will return the ID for a new elastic IP resource before it can be consistently referenced (#1872).
• rds_cluster - Fix issue occurring when updating RDS cluster domain (#2390).

amazon.aws 9.1.0

Release Summary

This release brings several bugfixes, minor changes, a new rds_instance_param_group_info module, and some deprecations for the autoscaling_group module.

Minor Changes

• autoscaling_group - adds group_name as an alias for the name parameter (#2396).
• autoscaling_group_info - adds group_name as an alias for the name parameter (#2396).
• autoscaling_instance_refresh - adds group_name as an alias for the name parameter (#2396).
• autoscaling_instance_refresh_info - adds group_name as an alias for the name parameter (#2396).
• ec2_instance - Fix the issue when trying to run instances using launch template in an AWS environment where no default subnet is defined(#2321).
• ec2_metadata_facts - add ansible_ec2_instance_tags to return values (#2398).
• ec2_transit_gateway - handle empty description while deleting transit gateway (ansible-collections/community.aws#2086).

Deprecated Features

• autoscaling_group - the decrement_desired_capacity parameter has been deprecated and will be removed in release 14.0.0 of this collection. Management of instances attached an autoscaling group can be performed using the amazon.aws.autoscaling_instance module (#2396).
• autoscaling_group - the replace_batch_size, lc_check and lt_check parameters have been deprecated and will be removed in release 14.0.0 of this collection. Rolling replacement of instances in an autoscaling group can be performed using the amazon.aws.autoscaling_instance_refresh module (#2396).
• autoscaling_group - the functionality provided through the detach_instances parameter has been deprecated and will be removed in release 14.0.0 of this collection. Management of instances attached an autoscaling group can be performed using the amazon.aws.autoscaling_instance module (#2396).
• autoscaling_group - the functionality provided through the replace_all_instances parameter has been deprecated and will be removed in release 14.0.0 of this collection. Rolling replacement of instances in an autoscaling group can be performed using the amazon.aws.autoscaling_instance_refresh module (#2396).
• autoscaling_group - the functionality provided through the replace_instances parameter has been deprecated and will be removed in release 14.0.0 of this collection. Management of instances attached an autoscaling group can be performed using the amazon.aws.autoscaling_instance module (#2396).

Bugfixes

• elbv2 - Fix load balancer listener comparison when DefaultActions contain any action other than forward (#2377).

New Modules

• rds_instance_param_group_info - Describes the RDS parameter group.

amazon.aws 9.0.0

Release Summary

This major release brings a new set of supported modules that have been promoted from community.aws, several bugfixes, minor changes and deprecated features. We also dropped support for botocore<1.31.0 and boto3<1.28.0. Due to the AWS SDKs announcing the end of support for Python less than 3.8 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/), support for Python less than 3.8 by this collection was deprecated in this release and will be removed in release 10.0.0.

Major Changes

• autoscaling_instance_refresh - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_instance_refresh (#2338).
• autoscaling_instance_refresh_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_instance_refresh_info (#2338).
• ec2_launch_template - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_launch_template (#2348).
• ec2_placement_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_placement_group.
• ec2_placement_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_placement_group_info.
• ec2_transit_gateway - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_transit_gateway.
• ec2_transit_gateway_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_transit_gateway_info.
• ec2_transit_gateway_vpc_attachment - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_transit_gateway_vpc_attachment.
• ec2_transit_gateway_vpc_attachment_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_transit_gateway_vpc_attachment_info.
• ec2_vpc_egress_igw - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_egress_igw (https://api.github.com/repos/ansible-collections/amazon.aws/pulls/2327).
• ec2_vpc_nacl - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nacl (#2339).
• ec2_vpc_nacl_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nacl_info (#2339).
• ec2_vpc_peer - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_peer.
• ec2_vpc_peering_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_peering_info.
• ec2_vpc_vgw - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_vgw.
• ec2_vpc_vgw_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_vgw_info.
• ec2_vpc_vpn - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_vpn.
• ec2_vpc_vpn_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_vpn_info.
• elb_classic_lb_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_classic_lb_info.

Minor Changes

• Add support for transit gateway vpc attachment module (#2314).
• Bump version of ansible-lint to minimum 24.7.0 (#2201).
• Move function determine_iam_role from module ec2_instance to module_utils/ec2 so that it can be used by community.aws.ec2_launch_template module (#2319).
• aws_az_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2163). - aws_region_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2163).
• backup_vault - Update code to remove unnecessary return values returned as None (#2105).
• cloudwatchlogs_log_group_metric_filter - Add support for unit and dimensions options (#2286)
• ec2_ami - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2164).
• ec2_ami_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2164).
• ec2_eip - Add support to update reverse DNS record of an EIP (#2292).
• ec2_eip - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2165). - ec2_eip_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2165).
• ec2_eni - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2166).
• ec2_eni_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2166).
• ec2_import_image - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2167).
• ec2_import_image_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2167).
• ec2_instance - Pass variables client and module as function arguments instead of global variables (#2192).
• ec2_instance - add the possibility to upgrade / downgrade existing ec2 instance type (#469).
• ec2_instance - refactored code to use AnsibleEC2Error and shared code from module_utils.ec2 (#2192).
• ec2_instance_info - Replaced call to deprecated function datetime.utcnow() by datetime.now(timezone.utc) (#2192).
• ec2_instance_info - refactored code to use AnsibleEC2Error and shared code from module_utils.ec2 (#2192).
• ec2_key - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2168).
• ec2_key_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2168).
• ec2_security_group - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2169).
• ec2_security_group_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2169).
• ec2_snapshot - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2099).
• ec2_snapshot_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2099).
• ec2_spot_instance - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (#2099).
• ec2_spot_instance_info - refactored code to use AnsibleEC2Error as well as moving shared code into module_utils.ec2 (<https://gith...

amazon.aws 8.2.1

Release Summary

This is a bugfix release for the iam_role module that resolves the issue where IAM instance profiles were being created when create_instance_profile was set to false and addresses the EntityAlreadyExists exception when the instance profile already existed.

Bugfixes

• iam_role - fixes EntityAlreadyExists exception when create_instance_profile was set to false and the instance profile already existed (#2102).
• iam_role - fixes issue where IAM instance profiles were created when create_instance_profile was set to false (#2281).

amazon.aws 8.2.0

Release Summary

The amazon.aws 8.2.0 release includes a number of bugfixes, some new features and improvements. This releases also introduces a deprecation for the amazon.aws.iam_role module, where support for creating and deleting IAM instance profiles using the create_instance_profile and delete_instance_profile options has been deprecated and will be removed in a release after 2026-05-01.

Minor Changes

• cloudwatch_metric_alarm - add support for evaluate_low_sample_count_percentile` parameter.
• cloudwatch_metric_alarm - support DatapointsToAlarm config (#2196).
• ec2_ami - Add support for uefi-preferred boot mode (#2253).
• ec2_instance - Add support for network_interfaces and network_interfaces_ids options replacing deprecated option network (#2123).
• ec2_instance - network.source_dest_check option has been deprecated and replaced by new option source_dest_check (#2123).
• ec2_instance - add the possibility to create instance with multiple network interfaces (#2123).
• ec2_metadata_facts - Add parameter metadata_token_ttl_seconds (#2209).
• rds_cluster - Add support for I/O-Optimized storage configuration for aurora clusters (#2063).
• rds_instance - snake case for parameter performance_insights_kms_key_id was incorrect according to boto documentation (#2163).
• s3_bucket - Add support for bucket inventories (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html)
• s3_object - Add support for expected_bucket_owner option (#2114).
• ssm parameter lookup - add new option droppath to drop the hierarchical search path from ssm parameter lookup results (#1756).

Deprecated Features

• iam_role - support for creating and deleting IAM instance profiles using the create_instance_profile and delete_instance_profile options has been deprecated and will be removed in a release after 2026-05-01. To manage IAM instance profiles the amazon.aws.iam_instance_profile module can be used instead (#2221).

Bugfixes

• cloudwatch_metric_alarm - Fix idempotency when creating cloudwatch metric alarm without dimensions (#1865).
• ec2_instance - fix state processing when exact_count is used (#1659).
• rds_cluster - Limit params sent to api call to DBClusterIdentifier when using state started or stopped (#2197).
• route53 - modify the return value to return diff only when module._diff is set to true (#2136).
• s3_bucket - catch UnsupportedArgument when calling API GetBucketAccelerationConfig on region where it is not supported (#2180).
• s3_bucket - change the default behaviour of the new accelerate_enabled option to only update the configuration if explicitly passed (#2220).
• s3_bucket - fixes MethodNotAllowed exceptions caused by fetching transfer acceleration state in regions that don't support it (#2266).
• s3_bucket - fixes TypeError: cannot unpack non-iterable NoneType object errors related to bucket versioning, policies, tags or encryption (#2228).

amazon.aws 8.1.0

Release Summary

This release includes several documentation improvements and two new features for the s3_bucket module.

Minor Changes

• s3_bucket - Add object_lock_default_retention to set Object Lock default retention configuration for S3 buckets (#2062).
• s3_bucket - Add support for enabling Amazon S3 Transfer Acceleration by setting the accelerate_enabled option (#2046).

amazon.aws 8.0.1

Release Summary

This release includes some bug fixes for the s3_object, ec2_instance and backup_plan_info modules.

Bugfixes

• backup_plan_info - Bugfix to enable getting info of all backup plans (#2083).
• ec2_instance - do not ignore IPv6 addresses when a single network interface is specified (#1979).
• s3_object - fixed issue which was causing MemoryError exceptions when downloading large files (#2107).