aws_acm_info fails to list certificates if any certificate is present with null 'DomainName'

[rahulcleo]

Summary

When using community.aws.aws_acm_info module, it fails to list certificates from. any given region where you have certificates present with null domain name.

The ansible error trace is like this:

TASK [Fetch ACM info] **************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'DomainName'
fatal: [localhost]: FAILED! => changed=false
  module_stderr: |-
    Traceback (most recent call last):
      File "<stdin>", line 107, in <module>
      File "<stdin>", line 99, in _ansiballz_main
      File "<stdin>", line 47, in invoke_module
      File "<frozen runpy>", line 226, in run_module
      File "<frozen runpy>", line 98, in _run_module_code
      File "<frozen runpy>", line 88, in _run_code
      File "/tmp/ansible_aws_acm_info_payload_dmognrki/ansible_aws_acm_info_payload.zip/ansible_collections/community/aws/plugins/modules/acm_certificate_info.py", line 304, in <module>
      File "/tmp/ansible_aws_acm_info_payload_dmognrki/ansible_aws_acm_info_payload.zip/ansible_collections/community/aws/plugins/modules/acm_certificate_info.py", line 288, in main
      File "/tmp/ansible_aws_acm_info_payload_dmognrki/ansible_aws_acm_info_payload.zip/ansible_collections/amazon/aws/plugins/module_utils/acm.py", line 171, in get_certificates
    KeyError: 'DomainName'
  module_stdout: ''
  msg: |-
    MODULE FAILURE
    See stdout/stderr for the exact error
  rc: 1

PLAY RECAP *************************************************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

It runs fine in case of any region where certificate without a domain name is not present.

Issue Type

Bug Report

Component Name

aws_acm_info

Ansible Version

$ ansible --version
ansible [core 2.16.11]
  config file = /Users/rsingh/chimera/ansible/ansible.cfg
  configured module search path = ['/Users/rsingh/chimera/ansible/library', '/Users/rsingh/chimera/ansible/plugins/modules', '/Users/rsingh/chimera/ansible/contexts/stacks/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/ec2-user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.6 (main, Apr 24 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3.11)
  jinja version = 3.1.4
  libyaml = True

Collection Versions

$ ansible-galaxy collection list

# /usr/lib/python3.11/site-packages/ansible_collections
Collection                               Version
---------------------------------------- -------
amazon.aws                               7.6.1
ansible.netcommon                        5.3.0
ansible.posix                            1.5.4
ansible.utils                            2.12.0
ansible.windows                          2.4.0
arista.eos                               6.2.2
awx.awx                                  23.9.0
azure.azcollection                       1.19.0
check_point.mgmt                         5.2.3
chocolatey.chocolatey                    1.5.1
cisco.aci                                2.10.1
cisco.asa                                4.0.3
cisco.dnac                               6.17.1
cisco.intersight                         2.0.10
cisco.ios                                5.3.0
cisco.iosxr                              6.1.1
cisco.ise                                2.9.3
cisco.meraki                             2.18.1
cisco.mso                                2.9.0
cisco.nxos                               5.3.0
cisco.ucs                                1.10.0
cloud.common                             2.1.4
cloudscale_ch.cloud                      2.4.0
community.aws                            7.2.0
community.azure                          2.0.0
community.ciscosmb                       1.0.9
community.crypto                         2.21.1
community.digitalocean                   1.26.0
community.dns                            2.9.4
community.docker                         3.12.1
community.general                        8.6.4
community.grafana                        1.9.1
community.hashi_vault                    6.2.0
community.hrobot                         1.9.3
community.library_inventory_filtering_v1 1.0.1
community.libvirt                        1.3.0
community.mongodb                        1.7.6
community.mysql                          3.9.0
community.network                        5.0.3
community.okd                            2.3.0
community.postgresql                     3.4.1
community.proxysql                       1.6.0
community.rabbitmq                       1.3.0
community.routeros                       2.18.0
community.sap                            2.0.0
community.sap_libs                       1.4.2
community.sops                           1.8.2
community.vmware                         4.5.0
community.windows                        2.2.0
community.zabbix                         2.5.1
containers.podman                        1.15.4
cyberark.conjur                          1.3.0
cyberark.pas                             1.0.27
dellemc.enterprise_sonic                 2.4.0
dellemc.openmanage                       8.7.0
dellemc.powerflex                        2.5.0
dellemc.unity                            1.7.1
f5networks.f5_modules                    1.30.1
fortinet.fortimanager                    2.6.0
fortinet.fortios                         2.3.7
frr.frr                                  2.0.2
gluster.gluster                          1.0.2
google.cloud                             1.3.0
grafana.grafana                          2.2.5
hetzner.hcloud                           2.5.0
hpe.nimble                               1.1.4
ibm.qradar                               2.1.0
ibm.spectrum_virtualize                  2.0.0
ibm.storage_virtualize                   2.4.1
ieisystem.inmanage                       2.0.0
infinidat.infinibox                      1.4.5
infoblox.nios_modules                    1.6.1
inspur.ispim                             2.2.3
inspur.sm                                2.3.0
junipernetworks.junos                    5.3.1
kaytus.ksmanage                          1.2.2
kubernetes.core                          2.4.2
lowlydba.sqlserver                       2.3.3
microsoft.ad                             1.6.0
netapp.aws                               21.7.1
netapp.azure                             21.10.1
netapp.cloudmanager                      21.22.1
netapp.elementsw                         21.7.0
netapp.ontap                             22.12.0
netapp.storagegrid                       21.12.0
netapp.um_info                           21.8.1
netapp_eseries.santricity                1.4.0
netbox.netbox                            3.19.1
ngine_io.cloudstack                      2.3.0
ngine_io.exoscale                        1.1.0
openstack.cloud                          2.2.0
openvswitch.openvswitch                  2.1.1
ovirt.ovirt                              3.2.0
purestorage.flasharray                   1.30.2
purestorage.flashblade                   1.18.0
purestorage.fusion                       1.6.1
sensu.sensu_go                           1.14.0
splunk.es                                2.1.2
t_systems_mms.icinga_director            2.0.1
telekom_mms.icinga_director              1.35.0
theforeman.foreman                       3.15.0
vmware.vmware                            1.4.0
vmware.vmware_rest                       2.3.1
vultr.cloud                              1.13.0
vyos.vyos                                4.1.0
wti.remote                               1.0.5

AWS SDK versions

$ pip show boto boto3 botocore

Name: boto
Version: 2.49.0
Summary: Amazon Web Services Library
Home-page: https://github.com/boto/boto/
Author: Mitch Garnaat
Author-email: [email protected]
License: MIT
Location: /usr/lib/python3.11/site-packages
Requires:
Required-by:
---
Name: boto3
Version: 1.35.10
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/lib/python3.11/site-packages
Requires: botocore, jmespath, s3transfer
Required-by:
---
Name: botocore
Version: 1.35.10
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/lib/python3.11/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: awscli, boto3, s3transfer

Configuration

$ ansible-config dump --only-changed

OS / Environment

No response

Steps to Reproduce

1. have an acm certificate without a domain name in region x
2. try to fetch the info of all certificates in region x. Or specifically get acm info of this certificate with no domain name.

Expected Results

Should return the acm info with this condition.

Actual Results

Code of Conduct

• I agree to follow the Ansible Code of Conduct