Obviously I have not shared credentials this is the policy of role, which has full access of ec2.
On Wed, Jun 25, 2014 at 6:28 PM, Michael Peters <[email protected]> wrote: > Are you showing the credentials of the role you are using to create > the EC2 instance or those of the role the new EC2 instance will be? > > On Wed, Jun 25, 2014 at 2:42 AM, Faisal Ali Rabbani > <[email protected]> wrote: > > I am trying to create EC2 instance via ansible using IAM roles but I > while > > launching new instance I get error > > > > failed: [localhost] => (item= IAMRole-1) => {"failed": true, "item": " > > IAMRole-1"} > > msg: Instance creation failed => UnauthorizedOperation: You are not > > authorized to perform > > this operation. Encoded authorization failure message: > > Ckcjt2GD81D5dlF6XakTSDypnwrgeQb0k > > > ouRMKh3Ol1jue553EZ7OXPt6fk1Q1-4HM-tLNPCkiX7ZgJWXYGSjHg2xP1A9LR7KBiXYeCtFKEQIC > > > W9cot3KAKPVcNXkHLrhREMfiT5KYEtrsA2A-xFCdvqwM2hNTNf7Y6VGe0Z48EDIyO5p5DxdNFsaSChUcb > > iRUhSyRXIGWr_ZKkGM9GoyoVWCBk3Ni2Td7zkZ1EfAIeRJobiOnYXKE6Q > > > > whereas iam role has full ec2 access, with following policy > > > > { > > "Version": "2012-10-17", > > "Statement": [ > > { > > "Action": "ec2:*", > > "Effect": "Allow", > > "Resource": "*" > > }, > > { > > "Effect": "Allow", > > "Action": "elasticloadbalancing:*", > > "Resource": "*" > > }, > > { > > "Effect": "Allow", > > "Action": "cloudwatch:*", > > "Resource": "*" > > }, > > { > > "Effect": "Allow", > > "Action": "autoscaling:*", > > "Resource": "*" > > } > > ] > > } > > > > Any suggestions please. > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Ansible Project" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > To post to this group, send email to [email protected]. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/ansible-project/2f8870b4-f57b-4cf9-925b-03f56636df12%40googlegroups.com > . > > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/sdx8b0L9iX0/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAJQqANeOq2nTtVMWpXG8EV3-9Qcpcqby9waUQMmiy5tdGMCjtw%40mail.gmail.com > . > For more options, visit https://groups.google.com/d/optout. > -- ------------------------------ *Regards, Faisal Ali Rabbani* E-MAIL DISCLAIMER: The person(s) addressed in this e-mail is/are the sole authorized recipient(s). Information contained in this message and it's attachments are proprietary, may be confidential or privileged and is for the named recipient(s) only, except where the sender specifically states otherwise. If you are not the intended recipient, you may not copy or deliver this message to anyone. No part of this material should be reproduced or published in any form by any means; electronic or mechanical including photocopy or any information storage or retrieval system nor should the material be disclosed to 3rd parties. SECURITY WARNING: Please note that this e-mail has been created in the knowledge that internet e-mail is not a 100% secure communications medium. We advise that you understand and observe the lack of security when e-mailing us. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJbq%3D23VPN__P3JfupHW9B1%2BqWkNDsdt3ySnDxzVUOzbuRWLcg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
