I regret the previous post! In the first post I edited the access keys!

On Wednesday, 17 January 2018 14:38:34 UTC+11, Pshem Kowalczyk wrote:
> Hi,
>
> Firstly - please regenerate access keys used for that account, as now the
> whole internet can access your account.
>
> Secondly - can you run the playbook with -vv to see what's actually going
> on.
>
> kind regards
> Pshem
>
> On Wed, 17 Jan 2018 at 14:08 Reddy Myyb <[email protected]> wrote:
>> Hi Pshem,
>> Please find below the content of my playbook.
>>
>> ---
>> - hosts: localhost
>>   become: yes
>>   become_method: sudo
>>   vars_files:
>>     - ec2-vars/sam.yml
>>   roles:
>>     - { role: security }
>>
>> Below is my role.
>>
>> - name: Bstar ec2 group
>> - ec2_group:
>>     name: bright_pedda
>>     description: an example EC2 group
>>     vpc_id: vpc-1ab4277e
>>     region: ap-southeast-2a
>>     aws_secret_key: AKIAJ2H25HM333T2WEIQ
>>     aws_access_key: 30uio86RAQssiOUUAGFpTcQ4UOEHvWlPTAJ++pA8
>>     rules:
>>       - proto: tcp
>>         from_port: 80
>>         to_port: 80
>>         cidr_ip: 0.0.0.0/0
>>       - proto: tcp
>>         from_port: 22
>>         to_port: 22
>>         cidr_ip: 10.0.0.0/8
>>       - proto: tcp
>>         from_port: 443
>>         to_port: 443
>>         group_id: amazon-elb/sg-87654321/amazon-elb-sg
>>       - proto: tcp
>>         from_port: 3306
>>         to_port: 3306
>>         group_id: 123412341234/sg-87654321/exact-name-of-sg
>>       - proto: udp
>>         from_port: 10050
>>         to_port: 10050
>>         cidr_ip: 10.0.0.0/8
>>       - proto: udp
>>         from_port: 10051
>>         to_port: 10051
>>         group_id: sg-12345678
>>       - proto: icmp
>>         from_port: 8 # icmp type, -1 = any type
>>         to_port: -1 # icmp subtype, -1 = any subtype
>>         cidr_ip: 10.0.0.0/8
>>       - proto: all
>>         # the containing group name may be specified here
>>         group_name: Bstar_SecurityGroups
>>     rules_egress:
>>       - proto: tcp
>>         from_port: 80
>>         to_port: 80
>>         cidr_ip: 0.0.0.0/0
>>         cidr_ipv6: 64:ff9b::/96
>>         group_name: example-other
>>         # description to use if example-other needs to be created
>>         group_desc: other example EC2 group
>>
>> Regards,
>> Reddy
>>
>> On Wednesday, 17 January 2018 06:56:00 UTC+11, Pshem Kowalczyk wrote:
>>> It seems like you have any tasks in your playbook. Could you show the
>>> content of the playbook?
>>>
>>> kind regards
>>> Pshem
>>>
>>> On Tue, 16 Jan 2018 at 16:58 Reddy Myyb <[email protected]> wrote:
>>>> Hi Pshem,
>>>> I have made it as a task and able to run. The play runs successfully,
>>>> but I can't see the security group in my aws console. The output says
>>>> changed=0. I'm running the play from one VPC and the creation is on other
>>>> VPC. My output below. Please let me know if there's anything I need to
>>>> change.
>>>>
>>>> PLAY [localhost]
>>>> *************************************************************************************************************
>>>>
>>>> TASK [Gathering Facts]
>>>> *******************************************************************************************************
>>>> ok: [localhost]
>>>>
>>>> PLAY RECAP
>>>> *******************************************************************************************************************
>>>> localhost : ok=1 changed=0 unreachable=0 failed=0
>>>>
>>>> Regards,
>>>> Reddy
>>>>
>>>> On Sunday, 14 January 2018 19:12:50 UTC+11, Pshem Kowalczyk wrote:
>>>>> This looks like a definition of a role, not a play. If you want this
>>>>> to be a play you have to turn this into the 'tasks' section of the yaml
>>>>> file and specify at least hosts you want this run against.
>>>>>
>>>>> kind regards
>>>>> Pshem
>>>>>
>>>>> On Sun, 14 Jan 2018 at 19:17 Reddy Myyb <[email protected]> wrote:
>>>>>> The script to create aws security group is not working anymore. I have
>>>>>> ansible 2.3.1.0, my script as below.
>>>>>>
>>>>>> - name: Bstar ec2 group
>>>>>>   ec2_group:
>>>>>>     name: bright_star
>>>>>>     description: an example EC2 group
>>>>>>     vpc_id: vpc-1ab4e
>>>>>>     region: ap-southeast-2a
>>>>>>     aws_secret_key: SKEY
>>>>>>     aws_access_key: AKEY
>>>>>>     rules:
>>>>>>       - proto: tcp
>>>>>>         from_port: 80
>>>>>>         to_port: 80
>>>>>>         cidr_ip: 0.0.0.0/0
>>>>>>       - proto: tcp
>>>>>>         from_port: 22
>>>>>>         to_port: 22
>>>>>>         cidr_ip: 10.0.0.0/8
>>>>>>       - proto: tcp
>>>>>>         from_port: 443
>>>>>>         to_port: 443
>>>>>>         group_id: amazon-elb/sg-87654321/amazon-elb-sg
>>>>>>       - proto: tcp
>>>>>>         from_port: 3306
>>>>>>         to_port: 3306
>>>>>>         group_id: 123412341234/sg-87654321/exact-name-of-sg
>>>>>>       - proto: udp
>>>>>>         from_port: 10050
>>>>>>         to_port: 10050
>>>>>>         cidr_ip: 10.0.0.0/8
>>>>>>       - proto: udp
>>>>>>         from_port: 10051
>>>>>>         to_port: 10051
>>>>>>         group_id: sg-12345678
>>>>>>       - proto: icmp
>>>>>>         from_port: 8 # icmp type, -1 = any type
>>>>>>         to_port: -1 # icmp subtype, -1 = any subtype
>>>>>>         cidr_ip: 10.0.0.0/8
>>>>>>       - proto: all
>>>>>>         # the containing group name may be specified here
>>>>>>         group_name: Bstar_SecurityGroups
>>>>>>     rules_egress:
>>>>>>       - proto: tcp
>>>>>>         from_port: 80
>>>>>>         to_port: 80
>>>>>>         cidr_ip: 0.0.0.0/0
>>>>>>         cidr_ipv6: 64:ff9b::/96
>>>>>>         group_name: example-other
>>>>>>         # description to use if example-other needs to be created
>>>>>>         group_desc: other example EC2 group
>>>>>>
>>>>>> Please provide the correct module for security group.
>>>>>>
>>>>>> Below is the error message:
>>>>>>
>>>>>> ERROR! 'ec2_group' is not a valid attribute for a Play
>>>>>>
>>>>>> The error appears to have been in
>>>>>> '/home/devopsadmin/dev/security.yml': line 1, column 3, but may
>>>>>> be elsewhere in the file depending on the exact syntax problem.
>>>>>>
>>>>>> The offending line appears to be:
>>>>>>
>>>>>>
>>>>>> - name: Bstar ec2 group
>>>>>>   ^ here
-- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6c0b452f-1607-4264-b108-241e8410e47d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
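
Added example, not part of the thread and not Ansible's own code: a small Python check that flags literal AWS credentials in the `aws_access_key` / `aws_secret_key` fields of a playbook or role (mail-quoted YAML included) and notes when an access key ID sits under the secret-key field, as in the role quoted above. `scan_playbook` is a hypothetical helper name, and the sample keys are AWS's published documentation examples.

```python
import re

# Long-term access key IDs are "AKIA" + 16 upper-case alphanumerics (temporary
# ones start "ASIA"); secret access keys are 40 base64-style characters.
ACCESS_KEY_ID = re.compile(r"^(AKIA|ASIA)[A-Z0-9]{16}$")
SECRET_KEY = re.compile(r"^[A-Za-z0-9/+=]{40}$")
CRED_FIELD = re.compile(r"^\s*(?:-\s*)?(aws_access_key|aws_secret_key)\s*:\s*(.*?)\s*$")

# Constructed sample; the two key values are AWS's published documentation examples.
SAMPLE = """\
- name: constructed example task
  ec2_group:
    name: demo
    aws_secret_key: AKIAIOSFODNN7EXAMPLE
    aws_access_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
    region: "{{ aws_region }}"
- name: second constructed task
  ec2_group:
    aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
    aws_secret_key: SKEY
"""


def scan_playbook(text):
    """Return (line_no, field, finding) for each literal AWS credential."""
    findings = []
    for no, raw in enumerate(text.splitlines(), start=1):
        m = CRED_FIELD.match(raw.lstrip("> "))   # tolerate mail-quoted YAML
        if not m:
            continue
        field = m.group(1)
        value = m.group(2).split(" #")[0].strip().strip("'\"")
        if value.startswith("{{"):               # templated lookup, no literal
            continue
        is_id = bool(ACCESS_KEY_ID.match(value))
        is_secret = bool(SECRET_KEY.match(value))
        if not (is_id or is_secret):             # placeholder such as AKEY/SKEY
            continue
        swapped = (field == "aws_secret_key") == is_id
        kind = "access key ID" if is_id else "secret key"
        findings.append((no, field, f"literal {kind}"
                         + (" in the wrong field" if swapped else "")))
    return findings


if __name__ == "__main__":
    for finding in scan_playbook(SAMPLE):
        print(finding)
```

Running a check like this over a message body or repository before it is posted or pushed catches the literal keys while they can still be removed; once published, the keys have to be regenerated, as the reply above says.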
