As cloud computing and automation with Amazon Web Services (AWS) infrastructure continue to evolve, version 10.0.0 of Red Hat Ansible Certified Content Collection for AWS continues to adapt and innovate. The release of version 10.0.0 brings a range of enhancements designed to streamline user workflows, improve reliability and support a more modern and security-focused automation environment. These updates help users accelerate the shift from development to production environments more smoothly.
In this blog post, we’ll take a closer look at the key features, enhancements and important changes included in the Red Hat Ansible Certified Content Collection for amazon.aws 10.0.0.
Changes and enhancements
While this release focuses heavily on major features and breaking changes, several behind-the-scenes improvements have also been made to enhance the reliability, stability and clarity of error handling—particularly when working with Amazon S3 resources.
The S3-related modules and utilities in the collection have undergone important updates to improve how errors are detected, classified and surfaced to users. These changes make automation more robust and easier to troubleshoot, especially in edge cases or failure scenarios.
Key improvements:
- Support for HTTP 501 error code: The internal module_utils.s3 utility has been updated to recognize and handle the 501 Not Implemented HTTP error code. This enables automation to fail in a controlled and predictable way when encountering unsupported operations from S3, instead of generating vague or misleading error messages.
- Initial implementation of a centralized ErrorHandler: A foundational ErrorHandler has been introduced specifically for S3 bucket modules. This component standardizes the way errors are captured and reported, making the behavior more consistent across different S3 bucket related tasks.
- Updated s3_bucket module to use the new ErrorHandler: The s3_bucket module now takes advantage of the centralized ErrorHandler for improved handling of both AWS-specific and non-AWS-related issues. This refactor reduces ambiguity in error reporting and simplifies debugging in automation playbooks.
These changes enhance the reliability and clarity of error reporting when working with Amazon S3.
New connection plug-in
A major highlight of this release is the promotion of the aws_ssm connection plug-in to full Red Hat support. The aws_ssm plug-in allows users to connect to EC2 instances over AWS Systems Manager (SSM), eliminating the need for SSH access or public IP addresses. Instead, connections occur via the AWS SSM Agent, which is especially valuable for:
- Environments that disallow SSH for compliance or security reasons.
- Instances behind firewalls or in private VPC subnets.
- Reducing credential sprawl by eliminating key-pair management.
This plug-in offers a security-focused, agent-based and network-isolated connection method that aligns with modern infrastructure security best practices.
Note: In an upcoming blog post, we’ll showcase practical use cases for aws_ssm and how to incorporate it into your automation workflows for increased security and scalability.
Updated support policies
Several updates reflect Red Hat's and AWS's commitment to supporting modern, security-focused platforms:
Ansible version support
This release drops support for ansible-core versions below 2.17. Users should upgrade to take advantage of the latest features and ensure compatibility. For more information, visit the Ansible release documentation.
boto3/botocore SDK policy
The Collection now requires botocore >= 1.34.0 and boto3 >= 1.34.0.
Older SDK versions may still work, but compatibility is not guaranteed or tested. Red Hat Ansible Automation Platform will display warnings if deprecated SDK versions are detected. Please refer to individual module documentation for version-specific requirements. Check out the module documentation for the minimum required version for each module.
Python version policy
AWS announced that the AWS Command Line Interface (AWS CLI) v1 and AWS SDK for Python (boto3 and botocore) will no longer support Python 3.7. Following the AWS SDKs support policy update that removes support for Python versions below 3.8 and to continue to support Red Hat customers with security-focused and maintainable tools, we aligned with this situation and deprecated support for Python versions lower than 3.8 in the 6.0.0 release of the collection and removed Python versions below 3.8 in this 10.0.0 release.
Breaking changes
This release also introduces some breaking changes into the Collection's modules. These changes represent prior deprecations that have now been completely removed.
Module | Description |
rds_instance_param_group | Previously known as rds_param_group. The deprecated name has now been removed. |
ec2_vpc_peering_info | The result return key was previously deprecated and has been removed. Please use vpc_peering_connections instead. |
Changes for developers and contributors
If you're developing with or contributing to the amazon.aws collection, take note of several back-end and code quality changes.
Removed deprecated doc fragments
Several deprecated doc_fragments have now been fully removed. Contributors should update any custom modules or plug-ins using them:
Old Fragment | Replacement |
amazon.aws.aws_region | amazon.aws.region.plugins |
amazon.aws.aws | amazon.aws.common.modules |
amazon.aws.ec2 | amazon.aws.region.modules |
amazon.aws.aws_credentials | amazon.aws.common.plugins |
Removed deprecated parameters in module_utils
- module_utils.botocore
Removed boto3 parameter from get_aws_region() and
get_aws_connection_info().
- module_utils.ec2
Removed boto3 parameter from get_ec2_security_group_ids_from_names() and
get_aws_connection_info().
These parameters have had no effect since version 4.0.0 and are now cleaned up for consistency.
Removed deprecated environment variables and aliases
The following environment variables and parameter aliases, deprecated in version 6.0.0, have now been removed:
Deprecated Item | Type | Replacement |
EC2_ACCESS_KEY | Environment Variable | AWS_ACCESS_KEY_ID or access_key |
EC2_SECRET_KEY | Environment Variable | AWS_SECRET_ACCESS_KEY or secret_key |
EC2_REGION | Environment Variable | AWS_REGION or region |
EC2_URL / S3_URL | Environment Variable | AWS_URL or endpoint_url |
EC2_SECURITY_TOKEN | Environment Variable | AWS_SESSION_TOKEN or session_token |
AWS_SECURITY_TOKEN | Environment Variable | AWS_SESSION_TOKEN or session_token |
ec2_access_key | Parameter Alias | access_key |
ec2_secret_key | Parameter Alias | secret_key |
ec2_region | Parameter Alias | region |
ec2_url, s3_url | Parameter Alias | endpoint_url |
boto_profile | Parameter Alias | profile |
access_token | Parameter Alias | session_token |
aws_security_token | Parameter Alias | session_token |
security_token | Parameter Alias | session_token |
These removals help modernize the code and encourage use of security-focused, consistent naming patterns.
Code quality improvement
As part of ongoing efforts to maintain a high-quality, maintainable and consistent codebase, the amazon.aws 10.0.0 release includes an upgrade to ansible-lint version 25.1.2.
ansible-lint is a crucial tool for validating the quality and compliance of Ansible content. It enforces best practices, flags common mistakes and promotes consistent formatting and structure across the collection.
By upgrading to the latest version of ansible-lint, the amazon.aws collection continues to deliver high-quality content that is focused on security, maintainable and aligned with the evolving standards of Ansible automation.
Compatibility and testing strategy with Ansible Core 2.19
Ansible Core 2.19 introduces the Data Tagging feature—a significant enhancement that involves a deep overhaul of the Jinja2 templating engine. While backward compatibility has been a top priority, some subtle changes in behavior may require updates to existing playbooks or templates.
To ensure a smooth upgrade path and proactively address potential issues, the amazon.aws collection has undergone integration testing against the build of ansible-core 2.19.
During this testing phase:
- Incompatibilities and regressions were identified early.
- Required adjustments were made to the collection code to maintain compatibility.
- Proactive testing helps ensure that users can adopt Ansible Core 2.19 without disruptions to their automation workflows.
By validating amazon.aws with the upcoming core features, we aim to deliver a more reliable experience as Ansible continues to evolve.
Learn more about the Data Tagging feature and testing plans on the Ansible Forum.
Final thoughts
The release of amazon.aws 10.0.0 marks a significant advancement in cloud automation. With newly supported modules, enhanced error handling, a more security-focused connection plug-in and updated dependencies, this version provides both users and contributors with the tools necessary to build scalable and efficient AWS infrastructure with robust security capabilities.
We encourage you to explore the new features, review your playbooks for deprecated components and upgrade your environment to align with the latest best practices.
Stay tuned for our upcoming posts where we’ll walk through real-world examples using the aws_ssm plug-in and dive deeper into how to take advantage of these updates in enterprise automation strategies.
Looking to get started with Ansible for Amazon Web Services?
- Check out the Amazon Web Services Guide
- Try out the hands-on Interactive Labs
- Read the e-book: Using automation to get the most from your public cloud
Where to go next?
- Check out Red Hat Summit 2025!
- For further reading and information, visit other blogs related to Ansible Automation Platform.
- Check out the YouTube playlist for everything about Ansible Content Collections.
- Are you new to Ansible automation and want to learn? Check out our getting started guide on developers.redhat.com.
- Check out the Ansible Automation Platform YouTube channel.
- Visit the Red Hat Ansible Automation Platform web page.
product trial
Red Hat Ansible Automation Platform | Product Trial
About the author
More like this
Browse by channel
Automation
The latest on IT automation for tech, teams, and environments
Artificial intelligence
Updates on the platforms that free customers to run AI workloads anywhere
Open hybrid cloud
Explore how we build a more flexible future with hybrid cloud
Security
The latest on how we reduce risks across environments and technologies
Edge computing
Updates on the platforms that simplify operations at the edge
Infrastructure
The latest on the world’s leading enterprise Linux platform
Applications
Inside our solutions to the toughest application challenges
Virtualization
The future of enterprise virtualization for your workloads on-premise or across clouds
