api_gateway doesn't create a new deployment when API Gateway already exists

[danielvijge]

Summary

(not sure if this is a bug or by design, as CloudFormation works in the same way)

When an API Gateway CloudFormation stack is updated, it might make changes to the API Gateway resources. But in AWS these do not become active until the API Gateway is redeployed. Therefore it is needed that the API Gateway can also be redeployed using Ansible.

However, this does not happen. Looking at the code create_deployment() is called as part of the ensure_api_in_correct_state() function. In turn, this functional is only called from main() when api_id is None, meaning only for cases where no previous API exists.

I think any time a task of community.aws.api_gateway with api_id and stage is run, it should create a new deployment. Now the only way to work around this seems to run aws apigateway create-deployment --rest-api "{{ item }}" --stage-name "development" --region {{ aws_region }} --description "Deployment on {{ now() }}" as a shell command.

The the example the 1st task updates the API Gateway CloudFormation stack. The 2nd and 3rd task collect all the API Gateway IDs. The 4th task should redeploy the API Gateway.

Issue Type

Bug Report

Component Name

api_gateway

Ansible Version

ansible [core 2.16.1]
  config file = None
  configured module search path = ['/Users/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/Cellar/ansible/9.1.0/libexec/lib/python3.12/site-packages/ansible
  ansible collection location = /Users/user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.12.1 (main, Dec  7 2023, 20:45:44) [Clang 15.0.0 (clang-1500.0.40.1)] (/usr/local/Cellar/ansible/9.1.0/libexec/bin/python)
  jinja version = 3.1.3
  libyaml = True

Collection Versions

# /usr/local/Cellar/ansible/9.1.0/libexec/lib/python3.12/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    7.0.0  
ansible.netcommon             5.3.0  
ansible.posix                 1.5.4  
ansible.utils                 2.12.0 
ansible.windows               2.2.0  
arista.eos                    6.2.2  
awx.awx                       23.5.0 
azure.azcollection            1.19.0 
check_point.mgmt              5.1.1  
chocolatey.chocolatey         1.5.1  
cisco.aci                     2.8.0  
cisco.asa                     4.0.3  
cisco.dnac                    6.8.1  
cisco.intersight              2.0.3  
cisco.ios                     5.3.0  
cisco.iosxr                   6.1.1  
cisco.ise                     2.6.2  
cisco.meraki                  2.16.16
cisco.mso                     2.5.0  
cisco.nxos                    5.3.0  
cisco.ucs                     1.10.0 
cloud.common                  2.1.4  
cloudscale_ch.cloud           2.3.1  
community.aws                 7.0.0  
community.azure               2.0.0  
community.ciscosmb            1.0.7  
community.crypto              2.16.1 
community.digitalocean        1.24.0 
community.dns                 2.6.4  
community.docker              3.4.11 
community.general             8.1.0  
community.grafana             1.6.1  
community.hashi_vault         6.0.0  
community.hrobot              1.8.2  
community.libvirt             1.3.0  
community.mongodb             1.6.3  
community.mysql               3.8.0  
community.network             5.0.2  
community.okd                 2.3.0  
community.postgresql          3.2.0  
community.proxysql            1.5.1  
community.rabbitmq            1.2.3  
community.routeros            2.11.0 
community.sap                 2.0.0  
community.sap_libs            1.4.1  
community.sops                1.6.7  
community.vmware              4.0.1  
community.windows             2.1.0  
community.zabbix              2.2.0  
containers.podman             1.11.0 
cyberark.conjur               1.2.2  
cyberark.pas                  1.0.23 
dellemc.enterprise_sonic      2.2.0  
dellemc.openmanage            8.5.0  
dellemc.powerflex             2.1.0  
dellemc.unity                 1.7.1  
f5networks.f5_modules         1.27.1 
fortinet.fortimanager         2.3.0  
fortinet.fortios              2.3.4  
frr.frr                       2.0.2  
gluster.gluster               1.0.2  
google.cloud                  1.3.0  
grafana.grafana               2.2.3  
hetzner.hcloud                2.4.1  
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       2.0.0  
ibm.storage_virtualize        2.1.0  
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.5.0  
inspur.ispim                  2.2.0  
inspur.sm                     2.3.0  
junipernetworks.junos         5.3.1  
kubernetes.core               2.4.0  
lowlydba.sqlserver            2.2.2  
microsoft.ad                  1.4.1  
netapp.aws                    21.7.1 
netapp.azure                  21.10.1
netapp.cloudmanager           21.22.1
netapp.elementsw              21.7.0 
netapp.ontap                  22.8.3 
netapp.storagegrid            21.11.1
netapp.um_info                21.8.1 
netapp_eseries.santricity     1.4.0  
netbox.netbox                 3.15.0 
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.1.0  
openstack.cloud               2.2.0  
openvswitch.openvswitch       2.1.1  
ovirt.ovirt                   3.2.0  
purestorage.flasharray        1.24.0 
purestorage.flashblade        1.14.0 
purestorage.fusion            1.6.0  
sensu.sensu_go                1.14.0 
splunk.es                     2.1.2  
t_systems_mms.icinga_director 2.0.1  
telekom_mms.icinga_director   1.35.0 
theforeman.foreman            3.15.0 
vmware.vmware_rest            2.3.1  
vultr.cloud                   1.10.1 
vyos.vyos                     4.1.0  
wti.remote                    1.0.5  

AWS SDK versions

Name: boto
Version: 2.49.0
Summary: Amazon Web Services Library
Home-page: https://github.com/boto/boto/
Author: Mitch Garnaat
Author-email: [email protected]
License: MIT
Location: /usr/local/lib/python3.11/site-packages
Requires: 
Required-by: 
---
Name: boto3
Version: 1.34.35
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /usr/local/lib/python3.11/site-packages
Requires: botocore, jmespath, s3transfer
Required-by: 
---
Name: botocore
Version: 1.34.35
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email: 
License: Apache License 2.0
Location: /usr/local/lib/python3.11/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: boto3, s3transfer

Configuration

CONFIG_FILE() = None
EDITOR(env: EDITOR) = subl
PAGER(env: PAGER) = less

OS / Environment

MacOs

Steps to Reproduce

- name: Deploy API Gateway CloudFormation template
  amazon.aws.cloudformation:
    stack_name: api-gateway
    state: present
    region: "{{ aws_region }}"
    template: api-gateway.yaml
    capabilities: CAPABILITY_NAMED_IAM

- name: Get API Gateway CloudFormation deployment
  amazon.aws.cloudformation_info:
    stack_name: api-gateway
    region: "{{ aws_region }}"
    stack_resources: true
  register: api_gateways

- name: Get the API Gateways
  set_fact:
    api_gateways: "{{ api_gateways | community.general.json_query('cloudformation.* | [0].stack_resource_list[?resource_type==`AWS::ApiGateway::RestApi`].physical_resource_id') }}"

- name: Redeploy API gateway
  community.aws.api_gateway:
    api_id: "{{ item }}"
    lookup: id
    stage: development
    region: "{{ aws_region }}"
    deploy_desc: Deployment on {{ now() }}
  with_items: "{{ api_gateways }}"
  delay: 10
  loop_control:
    label: Creating new deployment for API gateway {{ item }} on stage development

Expected Results

API Gateway is redeployed

Actual Results

No change to the deployment

Code of Conduct

• I agree to follow the Ansible Code of Conduct