Bug in community.aws.cloudfront_distribution

Hi all!

When trying to create a CloudFront distribution I used this workbook:

- name: Setup Cache CloudFront distribution
  community.aws.cloudfront_distribution:
    alias: 'cache-{{ environment }}'
    aws_access_key: '{{ aws_key }}'
    aws_secret_key: '{{ aws_secret }}'
    comment: comment
    default_cache_behavior:
      forwarded_values:
        allowed_methods:
          cached_methods:
            - GET
            - HEAD
          items:
            - GET
            - HEAD
            - POST
            - PUT
            - DELETE
            - OPTIONS
            - PATCH
        compress: true
        cookies:
          forward: none
        default_ttl: 86400
        headers:
          - '*'
        min_ttl: 0
        max_ttl: 31536000
        query_string: true
        viewer_protocol_policy: https-only
      origin_request_policy_id: '{{ cache_cloudfront_distribution_allviewer_policy_id }}'
      target_origin_id: '{{ cache_cloudfront_distribution_origin_id }}'
    default_root_object: index.html
    enabled: true
    origins:
      - id: '{{ cache_cloudfront_distribution_origin_id }}'
        domain_name: '{{ cache_cloudfront_distribution_origin_domain_name }}'
        custom_origin_config:
          http_port: 80
          https_port: 443
          origin_protocol_policy: https-only
          origin_ssl_protocols:
            - TLSv1.2
          origin_read_timeout: 50
          origin_keepalive_timeout: 55
        origin_shield:
          enabled: true
          origin_shield_region: '{{ cache_cloudfront_distribution_origin_shield_region }}'
    price_class: PriceClass_All
    restrictions:
      geo_restriction:
        restriction_type: none
    state: present
    viewer_certificate:
      cloudfront_default_certificate: true
      minimum_protocol_version: TLSv1.2_2021
  register: cache_cloudfront

- name: Setup Cache CloudFront distribution details
  debug:
    msg: "{{ cache_cloudfront.distribution }}"

Then I got this error:

Error validating distribution origins: 'list' object has no attribute 'get'

And the following details:

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_community.aws.cloudfront_distribution_payload_6z9a8c6a/ansible_community.aws.cloudfront_distribution_payload.zip/ansible_collections/community/aws/plugins/modules/cloudfront_distribution.py", line 1762, in validate_origins
    origin = self.validate_origin(
             ^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/ansible_community.aws.cloudfront_distribution_payload_6z9a8c6a/ansible_community.aws.cloudfront_distribution_payload.zip/ansible_collections/community/aws/plugins/modules/cloudfront_distribution.py", line 1866, in validate_origin
    if custom_origin_config.get("origin_ssl_protocols", {}).get("items"):
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'list' object has no attribute 'get'

So it looks like origin_ssl_protocols is not a list, but an object that expects an items entry. That’s not what the documentation says: community.aws.cloudfront_distribution module – Create, update and delete AWS CloudFront distributions — Ansible Community Documentation

I’m using ansible-core 2.16.1 and community.aws:8.0.0.

I hope this is of interest for everyone.

Kind regards!
Álvaro Morillas
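
The failure reported above, isolated as an added example (not code from the community.aws collection or from the poster): only the expression in `check_as_in_traceback` is copied from the traceback. The mapping-shaped sample input and the `normalize_ssl_protocols` helper are hypothetical, showing one way a validator could accept both the list form and an `items` mapping.

```python
# Added example: not code from community.aws. Only the expression in
# check_as_in_traceback() is copied from the traceback in the post.

def check_as_in_traceback(custom_origin_config):
    """The expression from line 1866 of the traceback, isolated."""
    return custom_origin_config.get("origin_ssl_protocols", {}).get("items")


def normalize_ssl_protocols(custom_origin_config):
    """Hypothetical helper: accept either a plain list or a mapping with an
    'items' key and return a plain list of protocol names."""
    value = custom_origin_config.get("origin_ssl_protocols")
    if value is None:
        return []
    if isinstance(value, dict):
        return list(value.get("items") or [])
    if isinstance(value, (list, tuple)):
        return list(value)
    raise TypeError(
        f"origin_ssl_protocols must be a list or mapping, got {type(value).__name__}"
    )


def reproduce():
    """Run both input shapes through the traceback expression."""
    # Shape used in the playbook from the post.
    as_list = {"origin_ssl_protocols": ["TLSv1.2"]}
    # Constructed sample: the shape the failing expression expects.
    as_mapping = {"origin_ssl_protocols": {"quantity": 1, "items": ["TLSv1.2"]}}
    outcomes = {}
    for name, cfg in (("list", as_list), ("mapping", as_mapping)):
        try:
            outcomes[name] = check_as_in_traceback(cfg)
        except AttributeError as exc:
            outcomes[name] = f"AttributeError: {exc}"
    return outcomes


if __name__ == "__main__":
    for shape, result in reproduce().items():
        print(shape, "->", result)
```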