diff --git a/application_autoscaling_policy.py b/application_autoscaling_policy.py index 5d11fe47c0d..6a636e8a7cd 100644 --- a/application_autoscaling_policy.py +++ b/application_autoscaling_policy.py @@ -24,25 +24,25 @@ options: state: description: Whether a policy should be C(present) or C(absent). - required: yes + required: true choices: ['absent', 'present'] type: str policy_name: description: The name of the scaling policy. - required: yes + required: true type: str service_namespace: description: The namespace of the AWS service. - required: yes + required: true choices: ['ecs', 'elasticmapreduce', 'ec2', 'appstream', 'dynamodb'] type: str resource_id: description: The identifier of the resource associated with the scalable target. - required: yes + required: true type: str scalable_dimension: description: The scalable dimension associated with the scalable target. - required: yes + required: true choices: [ 'ecs:service:DesiredCount', 'ec2:spot-fleet-request:TargetCapacity', 'elasticmapreduce:instancegroup:InstanceCount', @@ -54,19 +54,19 @@ type: str policy_type: description: The policy type. - required: yes + required: true choices: ['StepScaling', 'TargetTrackingScaling'] type: str step_scaling_policy_configuration: description: A step scaling policy. This parameter is required if you are creating a policy and I(policy_type=StepScaling). - required: no + required: false type: dict target_tracking_scaling_policy_configuration: description: - A target tracking policy. This parameter is required if you are creating a new policy and I(policy_type=TargetTrackingScaling). - 'Full documentation of the suboptions can be found in the API documentation:' - 'U(https://docs.aws.amazon.com/autoscaling/application/APIReference/API_TargetTrackingScalingPolicyConfiguration.html)' - required: no + required: false type: dict suboptions: CustomizedMetricSpecification: @@ -90,18 +90,18 @@ minimum_tasks: description: The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service. - required: no + required: false type: int maximum_tasks: description: The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service. - required: no + required: false type: int override_task_capacity: description: - Whether or not to override values of minimum and/or maximum tasks if it's already set. - Defaults to C(false). - required: no + required: false type: bool extends_documentation_fragment: - amazon.aws.aws diff --git a/autoscaling_group.py b/autoscaling_group.py index 753f2a08727..84db04bce9c 100644 --- a/autoscaling_group.py +++ b/autoscaling_group.py @@ -339,7 +339,7 @@ vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] tags: - environment: production - propagate_at_launch: no + propagate_at_launch: false # Rolling ASG Updates @@ -361,14 +361,14 @@ region: us-east-1 security_groups: sg-23423 instance_type: m1.small - assign_public_ip: yes + assign_public_ip: true - community.aws.autoscaling_group: name: myasg launch_config_name: my_new_lc health_check_period: 60 health_check_type: ELB - replace_all_instances: yes + replace_all_instances: true min_size: 5 max_size: 5 desired_capacity: 5 @@ -406,7 +406,7 @@ vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] tags: - environment: production - propagate_at_launch: no + propagate_at_launch: false # Basic Configuration with Launch Template using mixed instance policy @@ -432,7 +432,7 @@ vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] tags: - environment: production - propagate_at_launch: no + propagate_at_launch: false ''' RETURN = r''' diff --git a/autoscaling_launch_config.py b/autoscaling_launch_config.py index f1a014a563e..d353afe3b9f 100644 --- a/autoscaling_launch_config.py +++ b/autoscaling_launch_config.py @@ -240,13 +240,13 @@ snapshot: snap-XXXX volume_type: gp2 delete_on_termination: true - encrypted: no + encrypted: false - name: Create launch configuration community.aws.autoscaling_launch_config: name: lc1 image_id: ami-xxxx - assign_public_ip: yes + assign_public_ip: true instance_type: t2.medium key_name: my-key security_groups: "['sg-xxxx']" diff --git a/cloudformation_stack_set.py b/cloudformation_stack_set.py index 750dceb2bf7..c3f631b1a91 100644 --- a/cloudformation_stack_set.py +++ b/cloudformation_stack_set.py @@ -337,7 +337,7 @@ def update_stack_set(module, stack_params, cfn): except is_boto3_error_code('OperationInProgressException') as err: # pylint: disable=duplicate-except module.fail_json_aws( err, msg="Another operation is already in progress on this stack set - please try again later. When making " - "multiple cloudformation_stack_set calls, it's best to enable `wait: yes` to avoid unfinished op errors.") + "multiple cloudformation_stack_set calls, it's best to enable `wait: true` to avoid unfinished op errors.") except (ClientError, BotoCoreError) as err: # pylint: disable=duplicate-except module.fail_json_aws(err, msg="Could not update stack set.") if module.params.get('wait'): diff --git a/cloudfront_distribution.py b/cloudfront_distribution.py index a2d439c7d93..48ff7247e1c 100644 --- a/cloudfront_distribution.py +++ b/cloudfront_distribution.py @@ -75,7 +75,7 @@ purge_aliases: description: - Specifies whether existing aliases will be removed before adding new aliases. - - When I(purge_aliases=yes), existing aliases are removed and I(aliases) are added. + - When I(purge_aliases=true), existing aliases are removed and I(aliases) are added. default: false type: bool @@ -624,7 +624,7 @@ - tested.com tags: Project: distribution 1.2 - purge_tags: yes + purge_tags: true - name: create a distribution with an origin, logging and default cache behavior community.aws.cloudfront_distribution: diff --git a/config_aggregator.py b/config_aggregator.py index 7a9bf4836f7..e4c23b9b5fa 100644 --- a/config_aggregator.py +++ b/config_aggregator.py @@ -85,7 +85,7 @@ - 1234567890 - 0123456789 - 9012345678 - all_aws_regions: yes + all_aws_regions: true ''' RETURN = r'''#''' diff --git a/ec2_ami_copy.py b/ec2_ami_copy.py index ecb723dfea6..46be5ec2024 100644 --- a/ec2_ami_copy.py +++ b/ec2_ami_copy.py @@ -47,7 +47,7 @@ description: - Wait for the copied AMI to be in state C(available) before returning. type: bool - default: 'no' + default: false wait_timeout: description: - How long before wait gives up, in seconds. @@ -87,7 +87,7 @@ source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx - wait: yes + wait: true wait_timeout: 1200 # Default timeout is 600 register: image_id @@ -107,21 +107,21 @@ tags: Name: My-Super-AMI Patch: 1.2.3 - tag_equality: yes + tag_equality: true - name: Encrypted AMI copy community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx - encrypted: yes + encrypted: true - name: Encrypted AMI copy with specified key community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx - encrypted: yes + encrypted: true kms_key_id: arn:aws:kms:us-east-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b ''' diff --git a/ec2_snapshot_copy.py b/ec2_snapshot_copy.py index 2d0d40546e7..62612ad0a0a 100644 --- a/ec2_snapshot_copy.py +++ b/ec2_snapshot_copy.py @@ -33,7 +33,7 @@ description: - Whether or not the destination Snapshot should be encrypted. type: bool - default: 'no' + default: false kms_key_id: description: - KMS key id used to encrypt snapshot. If not specified, AWS defaults to C(alias/aws/ebs). @@ -42,7 +42,7 @@ description: - Wait for the copied Snapshot to be in the C(Available) state before returning. type: bool - default: 'no' + default: false wait_timeout: description: - How long before wait gives up, in seconds. @@ -72,7 +72,7 @@ source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx - wait: yes + wait: true wait_timeout: 1200 # Default timeout is 600 register: snapshot_id @@ -89,14 +89,14 @@ source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx - encrypted: yes + encrypted: true - name: Encrypted Snapshot copy with specified key community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx - encrypted: yes + encrypted: true kms_key_id: arn:aws:kms:eu-central-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b ''' diff --git a/ec2_transit_gateway.py b/ec2_transit_gateway.py index be1082768fa..73822ebd87d 100644 --- a/ec2_transit_gateway.py +++ b/ec2_transit_gateway.py @@ -90,8 +90,8 @@ - name: Create a new transit gateway with options community.aws.ec2_transit_gateway: asn: 64514 - auto_associate: no - auto_propagate: no + auto_associate: false + auto_propagate: false dns_support: True description: "nonprod transit gateway" purge_tags: False @@ -470,17 +470,17 @@ def setup_module_object(): argument_spec = dict( asn=dict(type='int'), - auto_associate=dict(type='bool', default='yes'), - auto_attach=dict(type='bool', default='no'), - auto_propagate=dict(type='bool', default='yes'), + auto_associate=dict(type='bool', default=True), + auto_attach=dict(type='bool', default=False), + auto_propagate=dict(type='bool', default=True), description=dict(type='str'), - dns_support=dict(type='bool', default='yes'), - purge_tags=dict(type='bool', default='yes'), + dns_support=dict(type='bool', default=True), + purge_tags=dict(type='bool', default=True), state=dict(default='present', choices=['present', 'absent']), tags=dict(type='dict', aliases=['resource_tags']), transit_gateway_id=dict(type='str'), - vpn_ecmp_support=dict(type='bool', default='yes'), - wait=dict(type='bool', default='yes'), + vpn_ecmp_support=dict(type='bool', default=True), + wait=dict(type='bool', default=True), wait_timeout=dict(type='int', default=300) ) diff --git a/ec2_vpc_vpn.py b/ec2_vpc_vpn.py index 4d19a8327d3..039796701f1 100644 --- a/ec2_vpc_vpn.py +++ b/ec2_vpc_vpn.py @@ -26,7 +26,7 @@ - The desired state of the VPN connection. choices: ['present', 'absent'] default: present - required: no + required: false type: str customer_gateway_id: description: @@ -51,13 +51,13 @@ - Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. default: False type: bool - required: no + required: false tunnel_options: description: - An optional list object containing no more than two dict members, each of which may contain I(TunnelInsideCidr) and/or I(PreSharedKey) keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys. - required: no + required: false type: list elements: dict suboptions: diff --git a/ec2_win_password.py b/ec2_win_password.py index 7f977360e80..2889f334aa8 100644 --- a/ec2_win_password.py +++ b/ec2_win_password.py @@ -89,7 +89,7 @@ instance_id: i-XXXXXX region: us-east-1 key_file: "~/aws-creds/my_test_key.pem" - wait: yes + wait: true wait_timeout: 45 ''' diff --git a/ecs_ecr.py b/ecs_ecr.py index aa08e97d239..a7194659974 100644 --- a/ecs_ecr.py +++ b/ecs_ecr.py @@ -49,7 +49,7 @@ type: bool purge_policy: description: - - If yes, remove the policy from the repository. + - If C(true), remove the policy from the repository. - Defaults to C(false). required: false type: bool @@ -133,7 +133,7 @@ - name: delete-policy community.aws.ecs_ecr: name: needs-no-policy - purge_policy: yes + purge_policy: true - name: create immutable ecr-repo community.aws.ecs_ecr: @@ -143,7 +143,7 @@ - name: set-lifecycle-policy community.aws.ecs_ecr: name: needs-lifecycle-policy - scan_on_push: yes + scan_on_push: true lifecycle_policy: rules: - rulePriority: 1 diff --git a/ecs_task.py b/ecs_task.py index 3db08a5b2af..9da2dcbf45e 100644 --- a/ecs_task.py +++ b/ecs_task.py @@ -165,7 +165,7 @@ started_by: ansible_user launch_type: FARGATE network_configuration: - assign_public_ip: yes + assign_public_ip: true subnets: - subnet-abcd1234 register: task_output diff --git a/eks_cluster.py b/eks_cluster.py index 0794efef16d..abdaee4ff95 100644 --- a/eks_cluster.py +++ b/eks_cluster.py @@ -80,7 +80,7 @@ - name: Remove an EKS cluster community.aws.eks_cluster: name: my_cluster - wait: yes + wait: true state: absent ''' diff --git a/eks_fargate_profile.py b/eks_fargate_profile.py index 4eae0983acc..313f8ad33aa 100644 --- a/eks_fargate_profile.py +++ b/eks_fargate_profile.py @@ -88,13 +88,13 @@ labels: - label1: test state: present - wait: yes + wait: true - name: Remove an EKS Fargate Profile community.aws.eks_fargate_profile: name: test_fargate cluster_name: test_cluster - wait: yes + wait: true state: absent ''' diff --git a/elasticache_parameter_group.py b/elasticache_parameter_group.py index 4cb553931f0..588dcf12214 100644 --- a/elasticache_parameter_group.py +++ b/elasticache_parameter_group.py @@ -29,7 +29,7 @@ name: description: - A user-specified name for the cache parameter group. - required: yes + required: true type: str description: description: diff --git a/elb_application_lb.py b/elb_application_lb.py index 2a2dd771528..37f771355d1 100644 --- a/elb_application_lb.py +++ b/elb_application_lb.py @@ -157,9 +157,9 @@ type: str purge_listeners: description: - - If C(yes), existing listeners will be purged from the ALB to match exactly what is defined by I(listeners) parameter. + - If C(true), existing listeners will be purged from the ALB to match exactly what is defined by I(listeners) parameter. - If the I(listeners) parameter is not set then listeners will not be modified. - default: yes + default: true type: bool subnets: description: @@ -191,7 +191,7 @@ description: - Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks. - default: no + default: false type: bool wait_timeout: description: @@ -200,7 +200,7 @@ purge_rules: description: - When set to C(no), keep the existing load balancer rules in place. Will modify and add, but will not delete. - default: yes + default: true type: bool ip_address_type: description: @@ -249,7 +249,7 @@ # Create an ALB and attach a listener with logging enabled - community.aws.elb_application_lb: - access_logs_enabled: yes + access_logs_enabled: true access_logs_s3_bucket: mybucket access_logs_s3_prefix: "logs" name: myalb diff --git a/elb_instance.py b/elb_instance.py index b0dafecb9ee..dc79cd6ca9e 100644 --- a/elb_instance.py +++ b/elb_instance.py @@ -40,12 +40,12 @@ been enabled. - If I(enable_availability_zone=no), the task will fail if the availability zone is not enabled on the ELB. type: bool - default: 'yes' + default: true wait: description: - Wait for instance registration or deregistration to complete successfully before returning. type: bool - default: 'yes' + default: true wait_timeout: description: - Number of seconds to wait for an instance to change state. diff --git a/elb_target_group.py b/elb_target_group.py index b8110ea0876..cd750be188b 100644 --- a/elb_target_group.py +++ b/elb_target_group.py @@ -69,7 +69,7 @@ description: - Whether or not to alter existing targets in the group to match what is passed with the module required: false - default: yes + default: true type: bool name: description: diff --git a/elb_target_group_info.py b/elb_target_group_info.py index 88d3491077b..5fd8a9b6c39 100644 --- a/elb_target_group_info.py +++ b/elb_target_group_info.py @@ -34,9 +34,9 @@ elements: str collect_targets_health: description: - - When set to "yes", output contains targets health description + - When set to C(True), output contains targets health description required: false - default: no + default: false type: bool extends_documentation_fragment: diff --git a/iam_policy_info.py b/iam_policy_info.py index 19c5a01885b..b408f01b450 100644 --- a/iam_policy_info.py +++ b/iam_policy_info.py @@ -17,18 +17,18 @@ iam_type: description: - Type of IAM resource you wish to retrieve inline policies for. - required: yes + required: true choices: [ "user", "group", "role"] type: str iam_name: description: - Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name. - required: yes + required: true type: str policy_name: description: - Name of a specific IAM inline policy you with to retrieve. - required: no + required: false type: str author: diff --git a/kinesis_stream.py b/kinesis_stream.py index f3ff171b421..530bc0b7d3b 100644 --- a/kinesis_stream.py +++ b/kinesis_stream.py @@ -86,7 +86,7 @@ community.aws.kinesis_stream: name: test-stream shards: 10 - wait: yes + wait: true wait_timeout: 600 register: test_stream @@ -97,7 +97,7 @@ shards: 10 tags: Env: development - wait: yes + wait: true wait_timeout: 600 register: test_stream @@ -109,7 +109,7 @@ shards: 10 tags: Env: development - wait: yes + wait: true wait_timeout: 600 register: test_stream @@ -118,7 +118,7 @@ community.aws.kinesis_stream: name: test-stream state: absent - wait: yes + wait: true wait_timeout: 600 register: test_stream @@ -131,7 +131,7 @@ encryption_state: enabled encryption_type: KMS key_id: alias/aws/kinesis - wait: yes + wait: true wait_timeout: 600 register: test_stream @@ -144,7 +144,7 @@ encryption_state: disabled encryption_type: KMS key_id: alias/aws/kinesis - wait: yes + wait: true wait_timeout: 600 register: test_stream ''' diff --git a/lambda_alias.py b/lambda_alias.py index adc89f4cb99..f1722ab5ab5 100644 --- a/lambda_alias.py +++ b/lambda_alias.py @@ -56,7 +56,7 @@ --- # Simple example to create a lambda function and publish a version - hosts: localhost - gather_facts: no + gather_facts: false vars: state: present project_folder: /path/to/deployment/package diff --git a/lambda_execute.py b/lambda_execute.py index 880ad4cb036..1d652466d6b 100644 --- a/lambda_execute.py +++ b/lambda_execute.py @@ -38,9 +38,9 @@ type: str tail_log: description: - - If I(tail_log=yes), the result of the task will include the last 4 KB + - If I(tail_log=true), the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only - works if you use synchronous invocation I(wait=yes). This is usually + works if you use synchronous invocation I(wait=true). This is usually used for development or testing Lambdas. type: bool default: false @@ -48,7 +48,7 @@ description: - Whether to wait for the function results or not. If I(wait=no) the task will not return any results. To wait for the Lambda function - to complete, set I(wait=yes) and the result will be available in the + to complete, set I(wait=true) and the result will be available in the I(output) key. type: bool default: true diff --git a/opensearch.py b/opensearch.py index 0035352b2a5..1cd9dd51e67 100644 --- a/opensearch.py +++ b/opensearch.py @@ -381,7 +381,7 @@ description: - Whether or not to wait for completion of OpenSearch creation, modification or deletion. type: bool - default: 'no' + default: false wait_timeout: description: - how long before wait gives up, in seconds. diff --git a/rds_cluster_snapshot.py b/rds_cluster_snapshot.py index 09077c9638b..2386f5589d7 100644 --- a/rds_cluster_snapshot.py +++ b/rds_cluster_snapshot.py @@ -94,7 +94,7 @@ region: us-east-1 source_id: "{{ snapshot.db_snapshot_arn }}" source_region: us-east-2 - copy_tags: yes + copy_tags: true ''' RETURN = r''' diff --git a/rds_instance.py b/rds_instance.py index f5e3aca4bbc..5996ec2b2cf 100644 --- a/rds_instance.py +++ b/rds_instance.py @@ -221,12 +221,12 @@ description: - The name of the feature associated with the IAM role. type: str - required: yes + required: true role_arn: description: - The ARN of the IAM role to associate with the DB instance. type: str - required: yes + required: true version_added: 3.3.0 iops: description: @@ -519,7 +519,7 @@ community.aws.rds_instance: id: "my-instance-id" state: present - purge_iam_roles: yes + purge_iam_roles: true # Restore DB instance from snapshot - name: Create a snapshot and wait until completion @@ -527,7 +527,7 @@ instance_id: 'my-instance-id' snapshot_id: 'my-new-snapshot' state: present - wait: yes + wait: true register: snapshot - name: Restore DB from snapshot diff --git a/rds_instance_snapshot.py b/rds_instance_snapshot.py index fc32ef75e4c..e9430fa1af4 100644 --- a/rds_instance_snapshot.py +++ b/rds_instance_snapshot.py @@ -92,7 +92,7 @@ region: us-east-1 source_id: "{{ snapshot.db_snapshot_arn }}" source_region: us-east-2 - copy_tags: yes + copy_tags: true - name: Delete snapshot community.aws.rds_instance_snapshot: diff --git a/route53.py b/route53.py index db97197ec6b..620d1833b98 100644 --- a/route53.py +++ b/route53.py @@ -256,7 +256,7 @@ type: A ttl: 7200 value: 1.1.1.1,2.2.2.2,3.3.3.3 - wait: yes + wait: true - name: Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated community.aws.route53: state: present @@ -268,7 +268,7 @@ - 1.1.1.1 - 2.2.2.2 - 3.3.3.3 - wait: yes + wait: true - name: Retrieve the details for new.foo.com community.aws.route53: state: get diff --git a/s3_lifecycle.py b/s3_lifecycle.py index 9a2ea51e92f..0e74feec7c1 100644 --- a/s3_lifecycle.py +++ b/s3_lifecycle.py @@ -138,7 +138,7 @@ - Wait for the configuration to complete before returning. version_added: 1.5.0 type: bool - default: no + default: false extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 @@ -577,7 +577,7 @@ def main(): transition_days=dict(type='int'), transition_date=dict(), transitions=dict(type='list', elements='dict'), - purge_transitions=dict(default='yes', type='bool'), + purge_transitions=dict(default=True, type='bool'), wait=dict(type='bool', default=False) ) diff --git a/s3_sync.py b/s3_sync.py index 602df0aec36..0a1797c1133 100644 --- a/s3_sync.py +++ b/s3_sync.py @@ -122,7 +122,7 @@ description: - Remove remote files that exist in bucket but are not present in the file root. required: false - default: no + default: false type: bool author: Ted Timmons (@tedder) diff --git a/ses_rule_set.py b/ses_rule_set.py index a16a0b2b047..cf516048356 100644 --- a/ses_rule_set.py +++ b/ses_rule_set.py @@ -58,7 +58,7 @@ community.aws.ses_rule_set: name: default-rule-set state: present - active: yes + active: true - name: Create some arbitrary rule set but do not activate it community.aws.ses_rule_set: @@ -69,7 +69,7 @@ community.aws.ses_rule_set: name: default-rule-set state: present - active: no + active: false - name: Remove an arbitrary inactive rule set community.aws.ses_rule_set: @@ -80,7 +80,7 @@ community.aws.ses_rule_set: name: default-rule-set state: absent - force: yes + force: true """ RETURN = """ diff --git a/sqs_queue.py b/sqs_queue.py index e83735254f4..d4b159bbab9 100644 --- a/sqs_queue.py +++ b/sqs_queue.py @@ -187,7 +187,7 @@ name: fifo-queue region: ap-southeast-2 queue_type: fifo - content_based_deduplication: yes + content_based_deduplication: true - name: Tag queue community.aws.sqs_queue: diff --git a/waf_condition.py b/waf_condition.py index b948ec9a81f..e44e889a8fc 100644 --- a/waf_condition.py +++ b/waf_condition.py @@ -127,7 +127,7 @@ waf_regional: description: Whether to use C(waf-regional) module. default: false - required: no + required: false type: bool state: description: Whether the condition should be C(present) or C(absent). diff --git a/waf_info.py b/waf_info.py index 81538e62923..e91a6d62672 100644 --- a/waf_info.py +++ b/waf_info.py @@ -22,7 +22,7 @@ waf_regional: description: Whether to use the C(waf-regional) module. default: false - required: no + required: false type: bool author: diff --git a/waf_rule.py b/waf_rule.py index 188c6de9df6..201529f25d1 100644 --- a/waf_rule.py +++ b/waf_rule.py @@ -27,7 +27,7 @@ options: name: description: Name of the Web Application Firewall rule. - required: yes + required: true type: str metric_name: description: @@ -79,13 +79,13 @@ conditions: - name: my_regex_condition type: regex - negated: no + negated: false - name: my_geo_condition type: geo - negated: no + negated: false - name: my_byte_condition type: byte - negated: yes + negated: true - name: remove WAF rule community.aws.waf_rule: diff --git a/waf_web_acl.py b/waf_web_acl.py index c4958a7c41f..d814736ad32 100644 --- a/waf_web_acl.py +++ b/waf_web_acl.py @@ -26,7 +26,7 @@ options: name: description: Name of the Web Application Firewall ACL to manage. - required: yes + required: true type: str default_action: description: The action that you want AWS WAF to take when a request doesn't @@ -82,7 +82,7 @@ waf_regional: description: Whether to use C(waf-regional) module. default: false - required: no + required: false type: bool ''' @@ -95,7 +95,7 @@ priority: 1 action: block default_action: block - purge_rules: yes + purge_rules: true state: present - name: delete the web acl diff --git a/wafv2_ip_set.py b/wafv2_ip_set.py index b4b3e4f8609..33fb7c32f68 100644 --- a/wafv2_ip_set.py +++ b/wafv2_ip_set.py @@ -56,7 +56,7 @@ purge_addresses: description: - When set to C(no), keep the existing addresses in place. Will modify and add, but will not delete. - default: yes + default: true type: bool notes: diff --git a/wafv2_rule_group.py b/wafv2_rule_group.py index 5a6cafdf1dd..44dc9ba88b5 100644 --- a/wafv2_rule_group.py +++ b/wafv2_rule_group.py @@ -63,7 +63,7 @@ purge_rules: description: - When set to C(no), keep the existing load balancer rules in place. Will modify and add, but will not delete. - default: yes + default: true type: bool extends_documentation_fragment: @@ -87,13 +87,13 @@ action: allow: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: fsd statement: ip_set_reference_statement: arn: "{{ IPSET.arn }}" - cloudwatch_metrics: yes + cloudwatch_metrics: true tags: A: B C: D @@ -112,8 +112,8 @@ action: allow: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: fsd statement: ip_set_reference_statement: @@ -123,8 +123,8 @@ action: block: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: ddos statement: or_statement: @@ -144,7 +144,7 @@ text_transformations: - type: NONE priority: 0 - cloudwatch_metrics: yes + cloudwatch_metrics: true tags: A: B C: D diff --git a/wafv2_web_acl.py b/wafv2_web_acl.py index c51a04e49e7..df4a01b5034 100644 --- a/wafv2_web_acl.py +++ b/wafv2_web_acl.py @@ -95,7 +95,7 @@ purge_rules: description: - When set to C(no), keep the existing load balancer rules in place. Will modify and add, but will not delete. - default: yes + default: true type: bool notes: @@ -115,8 +115,8 @@ description: hallo eins scope: REGIONAL default_action: Allow - sampled_requests: no - cloudwatch_metrics: yes + sampled_requests: false + cloudwatch_metrics: true metric_name: test05-acl-metric rules: - name: zwei @@ -124,8 +124,8 @@ action: block: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: ddos statement: xss_match_statement: @@ -139,8 +139,8 @@ override_action: none: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: fsd statement: managed_rule_group_statement: @@ -154,8 +154,8 @@ override_action: none: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: bad_input_protect statement: managed_rule_group_statement: @@ -171,8 +171,8 @@ action: block: {} visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: mydomain-ratelimit statement: rate_based_statement: @@ -199,7 +199,7 @@ text_transformations: - type: LOWERCASE priority: 0 - purge_rules: yes + purge_rules: true tags: A: B C: D @@ -211,8 +211,8 @@ description: ACL that filters web traffic based on rate limits and whitelists some IPs scope: REGIONAL default_action: Allow - sampled_requests: yes - cloudwatch_metrics: yes + sampled_requests: true + cloudwatch_metrics: true metric_name: ip-filtering-traffic rules: - name: whitelist-own-IPs @@ -223,8 +223,8 @@ ip_set_reference_statement: arn: 'arn:aws:wafv2:us-east-1:520789123123:regional/ipset/own-public-ips/1c4bdfc4-0f77-3b23-5222-123123123' visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: waf-acl-rule-whitelist-own-IPs - name: rate-limit-per-IP priority: 1 @@ -238,10 +238,10 @@ limit: 5000 aggregate_key_type: IP visibility_config: - sampled_requests_enabled: yes - cloud_watch_metrics_enabled: yes + sampled_requests_enabled: true + cloud_watch_metrics_enabled: true metric_name: waf-acl-rule-rate-limit-per-IP - purge_rules: yes + purge_rules: true custom_response_bodies: too_many_requests: content_type: APPLICATION_JSON