What’s New: Cloud Automation with amazon.cloud 0.4.0

July 18, 2023 by Gomathi Selvi Srinivasan

The Amazon Web Services (AWS) Cloud Control Collection (amazon.cloud) has been updated with a powerful new suite of modules. We introduced the experimental cloud collection for Ansible back in May of 2022 and it has come a really long way. With the launch of the AWS Cloud Control API, developers have a consistent method to manage supported services that are defined as part of their cloud infrastructure throughout their lifecycle, so there are fewer APIs to learn as developers add new services to their infrastructure. The 0.4.0 version of the amazon.cloud collection not only improves the user experience in automating AWS cloud features with Ansible, but also provides improved code quality and an enhanced CI process.

This blog explains what is new in amazon.cloud 0.4.0 that will help both the developers and the users.


Forward-Looking Changes

Migration of CI from Zuul to GitHub Actions

Continuous Integration testing and the release process have been moved from Zuul to GitHub Actions for this collection. The tests include code linters (which check style formatting), unit tests, integration tests, sanity tests, and other custom checks. Using GitHub Actions has helped us save a lot of time and effort.

By opting for GitHub Actions, we were able to avoid the frequent instability and the maintenance overhead of Zuul. More details on why we decided to migrate to GitHub Actions can be found here. Details about the workflows used for testing, tagging, and release can be found here.

New Features Highlight

Some of the new features available in this Ansible content collection release are listed below.

Module name: Description

memorydb_acl: Creates and manages an Access Control List (ACL) to specify permissions to a MemoryDB for Redis cluster.

memorydb_cluster: Creates or manages a MemoryDB for Redis cluster.

memorydb_parameter_group: Creates a new MemoryDB parameter group.

memorydb_subnet_group: Creates a new MemoryDB subnet group.

memorydb_user: Creates a new MemoryDB user.

Creation and configuration of MemoryDB

The explosion of data every ten years and the rapid rate of change driven by DevOps teams need a fast and flexible database. AWS caters to this need with MemoryDB. This Redis-compatible in-memory database service can be managed using the new MemoryDB modules of Ansible.

The following part of this blog takes you through the steps to create and configure the MemoryDB cluster using Ansible’s amazon.cloud modules.

Create a cluster

A cluster is a collection of one or more nodes serving a single dataset. The memorydb_cluster module lets you create, modify and delete a cluster, take snapshots of a cluster, view its elements, and modify the cost allocation tags of a cluster. The following example shows how to create a cluster with an ACL, subnet group, and parameter group that are already present. Creation of these resources using the amazon.cloud collection is shown in later examples.

- name: Create a MemoryDB cluster
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Create MemoryDB cluster
      amazon.cloud.memorydb_cluster:
        cluster_name: "mycluster"
        node_type: "db.r6g.large"
        # The ACL, subnet group and parameter group must already exist
        acl_name: "myacl"
        subnet_group_name: "mysggroup"
        parameter_group_name: "myparametergroup"

List all the available MemoryDB clusters in a given region

When state is set to list, the output contains a list (elements: dict) of all the available MemoryDB clusters. When state is set to describe and cluster_name is set to a cluster's name, the information for that cluster is returned as a dict.

- name: Get info about MemoryDB cluster
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Get info about MemoryDB cluster
      amazon.cloud.memorydb_cluster:
        cluster_name: "mycluster"
        # describe returns a dict for the named cluster
        state: describe

Create and authenticate users using Access Control List

Access to MemoryDB clusters can be controlled by grouping users into an Access Control List (ACL). The ACL can then be attached to one or more clusters, as shown above.

- name: Create users who can access the cluster
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Create users
      amazon.cloud.memorydb_user:
        user_name: "user1"
        # Password-based authentication for this user
        authentication_mode:
          type: "password"
          passwords: ["xyz1abcdpqrs2345"]

Additional Info
Remember to follow best practices on credential management, including passwords and secrets. For example, you can use Ansible vault or automation controller credentials to encrypt sensitive information.
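
The credential advice above applied to the user-creation play, as an added example that is not part of the original post: the password is read from an Ansible Vault encrypted variables file and the task output is suppressed. The file path vars/memorydb_secrets.yml, the variable name memorydb_user1_password, the playbook name create_user.yml and the 16-character minimum in the assertion are assumptions.

```yaml
# Added example, not from the original post.
# Assumed names: vars/memorydb_secrets.yml, memorydb_user1_password, create_user.yml.
#
# One-time setup: create the encrypted variables file and define the variable in it.
#   ansible-vault create vars/memorydb_secrets.yml
#     memorydb_user1_password: "<password chosen per your policy>"
#
# Run the play and supply the vault password interactively:
#   ansible-playbook create_user.yml --ask-vault-pass
- name: Create users who can access the cluster
  hosts: localhost
  gather_facts: false

  vars_files:
    - vars/memorydb_secrets.yml   # stored encrypted, decrypted only at run time

  tasks:
    - name: Fail early if the vaulted password is missing or too short
      ansible.builtin.assert:
        that:
          - memorydb_user1_password is defined
          - memorydb_user1_password | length >= 16   # assumed minimum, adjust to policy
        quiet: true
      no_log: true   # a failed assertion must not echo the value

    - name: Create users
      amazon.cloud.memorydb_user:
        user_name: "user1"
        authentication_mode:
          type: "password"
          passwords:
            - "{{ memorydb_user1_password }}"
        state: present
      no_log: true   # keep the password out of task output and logs
```

With this layout the playbook itself contains no secret and can be committed to version control; only the vault file and the vault password need protecting.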

- name: Create ACL and assign user
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Create ACL for the user
      amazon.cloud.memorydb_acl:
        acl_name: "myacl"
        # Users that belong to this ACL
        user_names: ["user1"]

Create a parameter group for the MemoryDB cluster

The runtime properties of a cluster can be controlled by parameter groups. The following example shows how to configure the parameter group.

- name: Create parameter group
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Create a Parameter Group
      amazon.cloud.memorydb_parameter_group:
        parameter_group_name: "myparametergroup"
        family: "memorydb_redis6"
        description: "parameter group 1"

Create subnet groups for the MemoryDB cluster

The following example shows how to create a collection of subnets that can be assigned to the cluster as shown in the first example. MemoryDB uses that subnet group to choose a subnet and IP addresses within that subnet to associate with your nodes.

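- name: Create Subnet group
  hosts: localhost
  gather_facts: false

  tasks:
    - name: Create Subnet Group
      amazon.cloud.memorydb_subnet_group:
        subnet_group_name: "mysubnetgroup"
        # Placeholder subnet ID, replace with the IDs of your own subnets
        subnet_ids: ["subnet-xxxx"]
        description: "subnet group 1"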

All these services can be listed, described, and deleted by assigning the respective values to the “state” key in the respective modules. For more details on the module parameters and values, please have a look at the module documentation.



AWS provides a wide range of cloud services, which started with Amazon Simple Storage Service (Amazon S3) and has since grown to include over 200 different services. Each of these services has a unique API that developers need to understand, which can be a challenge as applications get more complex.

However, with the introduction of AWS Cloud Control API, developers now have a simpler way to manage their cloud infrastructure. This new API provides a uniform method for handling services, reducing the number of different APIs developers need to learn as they add new services.

The Ansible Cloud Content Collection leverages the AWS Cloud Control API, offering automation professionals a chance to utilize this new technology. With ongoing enhancements, the Ansible Cloud Collection will keep introducing these fresh features for Ansible automation engineers.


Gomathi Selvi Srinivasan

Senior Software Engineer, R&D Ansible Engineering | Red Hat