diff options
| author | Mick Bass <mick.bass@47lining.com> | 2014-12-25 13:31:34 -0700 |
|---|---|---|
| committer | Mick Bass <mick.bass@47lining.com> | 2014-12-25 13:31:34 -0700 |
| commit | 17498b58bb85b18368ede4372093297de740eab6 (patch) | |
| tree | 233a28d5c44d8382ef215a7fe1a929f24e92f01a /lib/ansible/module_utils/ec2.py | |
| parent | 5ed7a55990e446b0f4a214e3e7228e3483390635 (diff) | |
| download | ansible-17498b58bb85b18368ede4372093297de740eab6.tar.gz | |
Add support for AWS Security Token Service (temporary credentials) to all AWS cloud modules.
Diffstat (limited to 'lib/ansible/module_utils/ec2.py')
| -rw-r--r-- | lib/ansible/module_utils/ec2.py | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/lib/ansible/module_utils/ec2.py b/lib/ansible/module_utils/ec2.py index 0f08fead18..c7bad2970b 100644 --- a/lib/ansible/module_utils/ec2.py +++ b/lib/ansible/module_utils/ec2.py @@ -54,7 +54,7 @@ def aws_common_argument_spec(): aws_secret_key=dict(aliases=['ec2_secret_key', 'secret_key'], no_log=True), aws_access_key=dict(aliases=['ec2_access_key', 'access_key']), validate_certs=dict(default=True, type='bool'), - security_token=dict(no_log=True), + security_token=dict(aliases=['access_token'], no_log=True), profile=dict(), ) @@ -87,38 +87,38 @@ def get_aws_connection_info(module): validate_certs = module.params.get('validate_certs') if not ec2_url: - if 'EC2_URL' in os.environ: - ec2_url = os.environ['EC2_URL'] - elif 'AWS_URL' in os.environ: + if 'AWS_URL' in os.environ: ec2_url = os.environ['AWS_URL'] + elif 'EC2_URL' in os.environ: + ec2_url = os.environ['EC2_URL'] if not access_key: - if 'EC2_ACCESS_KEY' in os.environ: - access_key = os.environ['EC2_ACCESS_KEY'] - elif 'AWS_ACCESS_KEY_ID' in os.environ: + if 'AWS_ACCESS_KEY_ID' in os.environ: access_key = os.environ['AWS_ACCESS_KEY_ID'] elif 'AWS_ACCESS_KEY' in os.environ: access_key = os.environ['AWS_ACCESS_KEY'] + elif 'EC2_ACCESS_KEY' in os.environ: + access_key = os.environ['EC2_ACCESS_KEY'] else: # in case access_key came in as empty string access_key = None if not secret_key: - if 'EC2_SECRET_KEY' in os.environ: - secret_key = os.environ['EC2_SECRET_KEY'] - elif 'AWS_SECRET_ACCESS_KEY' in os.environ: + if 'AWS_SECRET_ACCESS_KEY' in os.environ: secret_key = os.environ['AWS_SECRET_ACCESS_KEY'] elif 'AWS_SECRET_KEY' in os.environ: secret_key = os.environ['AWS_SECRET_KEY'] + elif 'EC2_SECRET_KEY' in os.environ: + secret_key = os.environ['EC2_SECRET_KEY'] else: # in case secret_key came in as empty string secret_key = None if not region: - if 'EC2_REGION' in os.environ: - region = os.environ['EC2_REGION'] - elif 'AWS_REGION' in os.environ: + if 'AWS_REGION' in os.environ: region = os.environ['AWS_REGION'] + elif 'EC2_REGION' in os.environ: + region = os.environ['EC2_REGION'] else: # boto.config.get returns None if config not found region = boto.config.get('Boto', 'aws_region') @@ -128,6 +128,8 @@ def get_aws_connection_info(module): if not security_token: if 'AWS_SECURITY_TOKEN' in os.environ: security_token = os.environ['AWS_SECURITY_TOKEN'] + elif 'EC2_SECURITY_TOKEN' in os.environ: + security_token = os.environ['EC2_SECURITY_TOKEN'] else: # in case security_token came in as empty string security_token = None |