I found the issue ! I'm using the keys incorrectly, corrected and working
fine !
On Sunday, 21 January 2018 17:04:12 UTC+11, Reddy Myyb wrote:
>
> I'm trying to create a security group but there's an error as below.
> Please suggest where I'm going wrong.
>
> An exception occurred during task execution. To see the full traceback,
> use -vvv. The error was: ClientError: An error occurred (AuthFailure) when
> calling the DescribeSecurityGroups operation: Credential must have exactly
> 5 slash-delimited elements, e.g. keyid/date/region/service/term, got
> 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'
> fatal: [localhost]: FAILED! => {"changed": false, "error": {"code":
> "AuthFailure", "message": "Credential must have exactly 5 slash-delimited
> elements, e.g. keyid/date/region/service/term, got
> 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'"},
>
> "msg": "Error in describe_security_groups: An error occurred (AuthFailure)
> when calling the DescribeSecurityGroups operation: Credential must have
> exactly 5 slash-delimited elements, e.g. keyid/date/region/service/term,
> got
> 'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'",
>
> "response_metadata": {"http_headers": {"date": "Sun, 21 Jan 2018 05:46:05
> GMT", "server": "AmazonEC2", "transfer-encoding": "chunked"},
> "http_status_code": 401, "request_id":
> "49ed7240-3659-4bb5-9f8a-2aa4da77b2ce", "retry_attempts": 0}}
>
> Please find below my playbook and role.
>
> ---
> - hosts: localhost
> become: yes
> become_method: sudo
> roles:
> - { role: security }
>
> Below my role.
>
> - name: Bstar ec2 group
> ec2_group:
> name: bright_group
> description: an example EC2 group
> vpc_id: vpc-1abxxxxx
> region: ap-southeast-2
> aws_secret_key: XXXXXXXXXXXXXXXXXXXX
> aws_access_key: Dt4q191m7+gPxxxxxxxxxxxxxxxxxxxxous/TS76
> rules:
> - proto: tcp
> from_port: 80
> to_port: 80
> cidr_ip: 0.0.0.0/0
> - proto: tcp
> from_port: 22
> to_port: 22
> cidr_ip: 10.0.0.0/8
> - proto: tcp
> from_port: 443
> to_port: 443
> group_id: amazon-elb/sg-87654321/amazon-elb-sg
> - proto: tcp
> from_port: 3306
> to_port: 3306
> group_id: 123412341234/sg-87654321/exact-name-of-sg
> - proto: udp
> from_port: 10050
> to_port: 10050
> cidr_ip: 10.0.0.0/8
> - proto: udp
> from_port: 10051
> to_port: 10051
> group_id: sg-12345678
> - proto: icmp
> from_port: 8 # icmp type, -1 = any type
> to_port: -1 # icmp subtype, -1 = any subtype
> cidr_ip: 10.0.0.0/8
> - proto: all
> # the containing group name may be specified here
> group_name: Bar_SecurityGroups
> rules_egress:
> - proto: tcp
> from_port: 80
> to_port: 80
> cidr_ip: 0.0.0.0/0
> cidr_ipv6: 64:ff9b::/96
> group_name: example-other
> # description to use if example-other needs to be created
> group_desc: other example EC2 group
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/8554324b-dddf-4af8-876f-16e359eb79c7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
