ec2 verify parameter is overridden if profile is set and we're using boto3 #129
Assignees
Comments
tremble
added a commit
to tremble/amazon.aws
that referenced
this issue
Aug 20, 2020
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this issue
Oct 24, 2023
* Enable all sanity tests. * Update ignore.txt. Co-authored-by: Jill R <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SUMMARY
I was looking at the code in get_aws_connection_info and think I found a bug with validate_certs and profile.
If, in your playbook, you set
the code will set boto_params['verify'] = validate_certs here https://github.com/ansible-collections/amazon.aws/blob/main/plugins/module_utils/ec2.py#L326 but then immediately afterwards, overwrite that here: https://github.com/ansible-collections/amazon.aws/blob/main/plugins/module_utils/ec2.py#L332 That would mean the default boto value of verify is used instead of the value set in the playbook.
This should be fixable by setting boto_params['verify'] after the profile is set. That is the strategy which the non-boto3 section of code seems to take: https://github.com/ansible-collections/amazon.aws/blob/main/plugins/module_utils/ec2.py#L340
ISSUE TYPE
COMPONENT NAME
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS
The text was updated successfully, but these errors were encountered: