Hi,

Firstly - please regenerate access keys used for that account, as now the whole internet can access your account.
Secondly - can you run the playbook with -vv to see what's actually going on.

kind regards
Pshem

On Wed, 17 Jan 2018 at 14:08 Reddy Myyb <[email protected]> wrote:

> Hi Pshem,
> Please find below the content of my playbook.
>
> ---
> - hosts: localhost
>   become: yes
>   become_method: sudo
>   vars_files:
>     - ec2-vars/sam.yml
>   roles:
>     - { role: security }
>
> Below is my role.
>
> - name: Bstar ec2 group
> - ec2_group:
>     name: bright_pedda
>     description: an example EC2 group
>     vpc_id: vpc-1ab4277e
>     region: ap-southeast-2a
>     aws_secret_key: AKIAJ2H25HM333T2WEIQ
>     aws_access_key: 30uio86RAQssiOUUAGFpTcQ4UOEHvWlPTAJ++pA8
>     rules:
>       - proto: tcp
>         from_port: 80
>         to_port: 80
>         cidr_ip: 0.0.0.0/0
>       - proto: tcp
>         from_port: 22
>         to_port: 22
>         cidr_ip: 10.0.0.0/8
>       - proto: tcp
>         from_port: 443
>         to_port: 443
>         group_id: amazon-elb/sg-87654321/amazon-elb-sg
>       - proto: tcp
>         from_port: 3306
>         to_port: 3306
>         group_id: 123412341234/sg-87654321/exact-name-of-sg
>       - proto: udp
>         from_port: 10050
>         to_port: 10050
>         cidr_ip: 10.0.0.0/8
>       - proto: udp
>         from_port: 10051
>         to_port: 10051
>         group_id: sg-12345678
>       - proto: icmp
>         from_port: 8 # icmp type, -1 = any type
>         to_port: -1 # icmp subtype, -1 = any subtype
>         cidr_ip: 10.0.0.0/8
>       - proto: all
>         # the containing group name may be specified here
>         group_name: Bstar_SecurityGroups
>     rules_egress:
>       - proto: tcp
>         from_port: 80
>         to_port: 80
>         cidr_ip: 0.0.0.0/0
>         cidr_ipv6: 64:ff9b::/96
>         group_name: example-other
>         # description to use if example-other needs to be created
>         group_desc: other example EC2 group
>
> Regards,
> Reddy
>
> On Wednesday, 17 January 2018 06:56:00 UTC+11, Pshem Kowalczyk wrote:
>
>> It seems like you have any tasks in your playbook. Could you show the
>> content of the playbook?
>>
>> kind regards
>> Pshem
>>
>>
>> On Tue, 16 Jan 2018 at 16:58 Reddy Myyb <[email protected]> wrote:
>>
>>> Hi Pshem,
>>> I have made it as a task and able to run.
>>> The play runs successfully,
>>> but I can't see the security group in my aws console. The output says
>>> changed=0. I'm running the play from one VPC and the creation is on other
>>> VPC. My output below. Please let me know if there's anything I need to
>>> change.
>>>
>>> PLAY [localhost]
>>> *************************************************************************************************************
>>>
>>> TASK [Gathering Facts]
>>> *******************************************************************************************************
>>> ok: [localhost]
>>>
>>> PLAY RECAP
>>> *******************************************************************************************************************
>>> localhost : ok=1 changed=0 unreachable=0 failed=0
>>>
>>> Regards,
>>> Reddy
>>>
>>> On Sunday, 14 January 2018 19:12:50 UTC+11, Pshem Kowalczyk wrote:
>>>
>>>> This looks like a definition of a role, not a play. If you want this to
>>>> be a play you have to turn this into the 'tasks' section of the yaml file
>>>> and specify at least hosts you want this ran against.
>>>>
>>>> kind regards
>>>> Pshem
>>>>
>>>>
>>>> On Sun, 14 Jan 2018 at 19:17 Reddy Myyb <[email protected]> wrote:
>>>>
>>>>> The script to create aws security group is not working anymore. I have
>>>>> ansible 2.3.1.0, my script as below.
>>>>>
>>>>> - name: Bstar ec2 group
>>>>>   ec2_group:
>>>>>     name: bright_star
>>>>>     description: an example EC2 group
>>>>>     vpc_id: vpc-1ab4e
>>>>>     region: ap-southeast-2a
>>>>>     aws_secret_key: SKEY
>>>>>     aws_access_key: AKEY
>>>>>     rules:
>>>>>       - proto: tcp
>>>>>         from_port: 80
>>>>>         to_port: 80
>>>>>         cidr_ip: 0.0.0.0/0
>>>>>       - proto: tcp
>>>>>         from_port: 22
>>>>>         to_port: 22
>>>>>         cidr_ip: 10.0.0.0/8
>>>>>       - proto: tcp
>>>>>         from_port: 443
>>>>>         to_port: 443
>>>>>         group_id: amazon-elb/sg-87654321/amazon-elb-sg
>>>>>       - proto: tcp
>>>>>         from_port: 3306
>>>>>         to_port: 3306
>>>>>         group_id: 123412341234/sg-87654321/exact-name-of-sg
>>>>>       - proto: udp
>>>>>         from_port: 10050
>>>>>         to_port: 10050
>>>>>         cidr_ip: 10.0.0.0/8
>>>>>       - proto: udp
>>>>>         from_port: 10051
>>>>>         to_port: 10051
>>>>>         group_id: sg-12345678
>>>>>       - proto: icmp
>>>>>         from_port: 8 # icmp type, -1 = any type
>>>>>         to_port: -1 # icmp subtype, -1 = any subtype
>>>>>         cidr_ip: 10.0.0.0/8
>>>>>       - proto: all
>>>>>         # the containing group name may be specified here
>>>>>         group_name: Bstar_SecurityGroups
>>>>>     rules_egress:
>>>>>       - proto: tcp
>>>>>         from_port: 80
>>>>>         to_port: 80
>>>>>         cidr_ip: 0.0.0.0/0
>>>>>         cidr_ipv6: 64:ff9b::/96
>>>>>         group_name: example-other
>>>>>         # description to use if example-other needs to be created
>>>>>         group_desc: other example EC2 group
>>>>>
>>>>> Please provide the correct module for security group.
>>>>>
>>>>> Below is the error message:
>>>>>
>>>>> ERROR! 'ec2_group' is not a valid attribute for a Play
>>>>>
>>>>> The error appears to have been in
>>>>> '/home/devopsadmin/dev/security.yml': line 1, column 3, but may
>>>>> be elsewhere in the file depending on the exact syntax problem.
>>>>>
>>>>> The offending line appears to be:
>>>>>
>>>>>
>>>>> - name: Bstar ec2 group
>>>>>   ^ here
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Ansible Project" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To post to this group, send email to [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/ansible-project/b1709fe2-99ae-416e-a941-661cb3e3e9f4%40googlegroups.com.
>>>>> For more options, visit https://groups.google.com/d/optout.
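Pshem's first point is that keys pasted into a public post have to be treated as compromised. As an added example (not part of the original thread and not Ansible code), here is a small Python filter that masks AWS credentials in a playbook, or in a quoted e-mail copy of one, before it is shared. The names `redact`, `FIELD_RE`, `KEY_ID_RE`, `SECRET_RE` and the sample text are assumptions of this sketch; the sample keys are the placeholder values used in AWS documentation.

```python
import re

# Credential parameters the ec2_group task in this thread sets inline.
CRED_FIELDS = ("aws_access_key", "aws_secret_key")
# A credential field with a value, allowing e-mail quote marks and a list dash.
FIELD_RE = re.compile(
    r"^(?P<head>[>\s-]*(?P<key>%s)\s*:\s*)(?P<val>\S.*?)\s*$" % "|".join(CRED_FIELDS)
)
# Access key IDs: AKIA (long-term) or ASIA (temporary) plus 16 characters.
KEY_ID_RE = re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b")
# Secret access keys: a stand-alone run of 40 base64 characters. This also
# matches other 40-character tokens (e.g. SHA-1 hex), which errs on the safe side.
SECRET_RE = re.compile(r"(?<![A-Za-z0-9/+=])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+=])")
MASK = "<REDACTED>"

def redact(text):
    """Return (safe_text, findings); findings are (line_number, kind) pairs."""
    findings, out = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FIELD_RE.match(line)
        if m and not m.group("val").startswith(("{{", '"{{', "'{{")):
            # A literal in a credential field is masked whatever it looks like,
            # so a key placed in the wrong field is still caught.
            findings.append((lineno, m.group("key")))
            line = m.group("head") + MASK
        else:
            # Elsewhere (comments, vars, shell snippets) fall back to key shapes.
            for kind, rx in (("key-id", KEY_ID_RE), ("secret", SECRET_RE)):
                if rx.search(line):
                    findings.append((lineno, kind))
                    line = rx.sub(MASK, line)
        out.append(line)
    return "\n".join(out), findings

# Constructed sample: a quoted task using AWS documentation placeholder keys.
SAMPLE = """\
> - name: demo group
>   ec2_group:
>     name: demo_sg
>     region: ap-southeast-2
>     aws_access_key: AKIAIOSFODNN7EXAMPLE
>     aws_secret_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
>     vpc_id: "{{ vpc_id }}"
> # old key kept in a comment: AKIAIOSFODNN7EXAMPLE
"""

if __name__ == "__main__":
    safe, found = redact(SAMPLE)
    print(safe)
    print(found)
```

Masking only protects future posts; a key that has already been published still has to be regenerated, as the reply says.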
