Hi, Looking at your debug it's some sort of authentication issue with AWS:
boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized This might mean that the keys are not correct or the user that the keys are associated with doesn't have the permission to carry out the operation. kind regards Pshem On Fri, 19 Jan 2018 at 19:09 Reddy Myyb <[email protected]> wrote: > Hi Pshem, > Please find below the latest error details. > > An exception occurred during task execution. To see the full traceback, > use -vvv. The error was: ClientError: An error occurred (AuthFailure) when > calling the DescribeSecurityGroups operation: Credential must have exactly > 5 slash-delimited elements, e.g. keyid/date/region/service/term, got > 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180119/ap-southeast-2/ec2/aws4_request,' > fatal: [localhost]: FAILED! => {"changed": false, "error": {"code": > "AuthFailure", "message": "Credential must have exactly 5 slash-delimited > elements, e.g. keyid/date/region/service/term, got > 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180119/ap-southeast-2/ec2/aws4_request,'"}, > "msg": "Error in describe_security_groups: An error occurred (AuthFailure) > when calling the DescribeSecurityGroups operation: Credential must have > exactly 5 slash-delimited elements, e.g. keyid/date/region/service/term, > got > 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180119/ap-southeast-2/ec2/aws4_request,'", > "response_metadata": {"http_headers": {"date": "Fri, 19 Jan 2018 06:06:24 > GMT", "server": "AmazonEC2", "transfer-encoding": "chunked"}, > "http_status_code": 401, "request_id": > "096c5f20-ff34-4c4f-b5ff-7e5216ec727d", "retry_attempts": 0}} > > > Regards, > Reddy > > On Sunday, 14 January 2018 19:12:50 UTC+11, Pshem Kowalczyk wrote: > >> This looks like a definition of a role, not a play. If you want this to >> be a play you have to turn this into the 'tasks' section of the yaml file >> and specify at least hosts you want this ran against. >> >> kind regards >> Pshem >> >> >> On Sun, 14 Jan 2018 at 19:17 Reddy Myyb <[email protected]> wrote: >> > The script to create aws security group is not working anymore. I have >>> ansible 2.3.1.0, my script as below. >>> >>> - name: Bstar ec2 group >>> ec2_group: >>> name: bright_star >>> description: an example EC2 group >>> vpc_id: vpc-1ab4e >>> region: ap-southeast-2a >>> aws_secret_key: SKEY >>> aws_access_key: AKEY >>> rules: >>> - proto: tcp >>> from_port: 80 >>> to_port: 80 >>> cidr_ip: 0.0.0.0/0 >>> - proto: tcp >>> from_port: 22 >>> to_port: 22 >>> cidr_ip: 10.0.0.0/8 >>> - proto: tcp >>> from_port: 443 >>> to_port: 443 >>> group_id: amazon-elb/sg-87654321/amazon-elb-sg >>> - proto: tcp >>> from_port: 3306 >>> to_port: 3306 >>> group_id: 123412341234/sg-87654321/exact-name-of-sg >>> - proto: udp >>> from_port: 10050 >>> to_port: 10050 >>> cidr_ip: 10.0.0.0/8 >>> - proto: udp >>> from_port: 10051 >>> to_port: 10051 >>> group_id: sg-12345678 >>> - proto: icmp >>> from_port: 8 # icmp type, -1 = any type >>> to_port: -1 # icmp subtype, -1 = any subtype >>> cidr_ip: 10.0.0.0/8 >>> - proto: all >>> # the containing group name may be specified here >>> group_name: Bstar_SecurityGroups >>> rules_egress: >>> - proto: tcp >>> from_port: 80 >>> to_port: 80 >>> cidr_ip: 0.0.0.0/0 >>> cidr_ipv6: 64:ff9b::/96 >>> group_name: example-other >>> # description to use if example-other needs to be created >>> group_desc: other example EC2 group >>> >>> Please provide the correct module for security group. >>> >>> Below is the error message: >>> >>> ERROR! 'ec2_group' is not a valid attribute for a Play >>> >>> The error appears to have been in '/home/devopsadmin/dev/security.yml': >>> line 1, column 3, but may >>> be elsewhere in the file depending on the exact syntax problem. >>> >>> The offending line appears to be: >>> >>> >>> - name: Bstar ec2 group >>> ^ here >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> >> To unsubscribe from this group and stop receiving emails from it, send an >>> email to [email protected]. >>> To post to this group, send email to [email protected]. >> >> >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/b1709fe2-99ae-416e-a941-661cb3e3e9f4%40googlegroups.com >>> <https://groups.google.com/d/msgid/ansible-project/b1709fe2-99ae-416e-a941-661cb3e3e9f4%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/a34c9849-6748-4206-96a3-8672029a2ecc%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/a34c9849-6748-4206-96a3-8672029a2ecc%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEaZiRU78pyjnsZNocuaUUeVRq5cix1RGOKDDwv9z1tevoEzqg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
