[ansible-project] Re: In Ansible, how do I use the ec2_group module to query if a security group exists, and then check for the result?

Mon, 29 Aug 2016 11:38:19 -0700 

Essentially, I want to do this in Ansible

aws ec2 describe-security-groups --filters 
Name=group-name,Values=sg_ansible_test 
--query 'SecurityGroups[*].{Name:GroupName}'




On Monday, August 29, 2016 at 1:56:47 PM UTC-4, ZillaYT wrote:
>
> Im trying to write a role that queries a security group if it exists, and 
> then create if if not. So I manually created the security group first via 
> AWS GUI.
>
> Then I tried the following for the query.
>
> - name: Query if security group exits
>   ec2_group: name="my_test_sg" description="Test SG" region="us-east-1"
>   register: sg_query
>
> But I get the following
>
> TASK [security_group : Query if the the security group exists] 
> *****************
>
>  
>
> fatal: [10.22.9.27]: FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "", "module_stdout": "Traceback (most recent call 
> last):\r\n  File \"/tmp/ansible_jGKApb/ansible_module_ec2_group.py\", line 
> 472, in <module>\r\n    main()\r\n  File 
> \"/tmp/ansible_jGKApb/ansible_module_ec2_group.py\", line 271, in main\r\n 
>    for curGroup in ec2.get_all_security_groups():\r\n  File 
> \"/usr/lib/python2.7/site-packages/boto/ec2/connection.py\", line 2984, in 
> get_all_security_groups\r\n    [('item', SecurityGroup)], verb='POST')\r\n 
>  File \"/usr/lib/python2.7/site-packages/boto/connection.py\", line 1186, 
> in get_list\r\n    raise self.ResponseError(response.status, 
> response.reason, body)\r\nboto.exception.EC2ResponseError: 
> EC2ResponseError: 403 Forbidden\r\n<?xml version=\"1.0\" 
> encoding=\"UTF-8\"?>\r\n<Response><Errors><Error><Code>UnauthorizedOperation</Code><Message>You
>  
> are not authorized to perform this 
> operation.</Message></Error></Errors><RequestID>5b101381-5d4f-43f0-b225-7a042e6151cf</RequestID></Response>\r\n"
> , "msg": "MODULE FAILURE", "parsed": false}
>
>
> It looks like it's trying to create the security group. Any clues?
>
>
> Thanks.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/33291cad-bfb2-4d5c-810c-6a1a1542ff9c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to