so basically I *just *need to loop over extra variables in an inline way to construct the unique name and the unique policy template, then, the usual loop for the module will create the resources in aws. - should using *Lookup *a good start for inline loop ? - as *nested *and *subelements *can't seem to achieve this, what other solution I can explore ? cheers Le lundi 17 août 2020 à 11:52:15 UTC-7, Nick-H a écrit :
> Thanks Racke, I should have had some context. policy_name can vary, > actually in the real task I have other policies with other names, hence the > use of a loop for item.name and item.policy . > Just this specific one named rds_foo_bar needs the nested arguments from > my vars list(or dict I am not sure) . > Although I can create a dedicate task just for that policy if that is too > complicated, I just thought I could do some nested loop over variables. > Interesting facts, with nested it actually loop over each character in the > key:value > *Couldn't create policy rds-dev-[[u'r', u'e', u'g', u'i', u'o', u'n', > u's'], [u'r', u'o', u'l', u'e']]* > > the actual play looks like: > > iam_managed_policy: > policy_name: "{{ item.name }}" > policy: "{{ item.policy }}" > state: present > loop: > - { name: > "rds-prod-{{ lookup('dict', mysql_privilege[0].value ) }} ", > policy: "{{ lookup('template', rds-prod.json.j2) }}" } > # - { name: "rds-dev-{{ lookup('nested',mysql_privilege )", > policy: "{{ lookup('template', rds_dev.json.j2) }}" } > > # - { name: cloudwatch, policy: "{{ > lookup('template','cloudwatch.json.j2') }}" } > # other policies with name and policy > vars: > mysql_privilege: > role: > - rw > - ro > rds_region: > - us-west-1 > - us-west-2 > > And rds-prod.json.j2 also reuses the variables from mysql_privilege dict > as: > ... > "Action": [ > "rds-db:connect" > ], > "Resource": "arn:aws:rds-db:{{ rds_region }}{{ aws_id > }}:dbuser:*/username-{{ role }}" > ... > > > Le jeudi 13 août 2020 à 11:39:26 UTC-7, brae...@gmail.com a écrit : > >> On 8/13/20 8:00 PM, Nick-H wrote: >> > so, I have been trying with lookup('dict') but still not quite close >> to the expected result >> > I get: " An unhandled exception occurred while running the lookup >> plugin 'dict'. Error was a <class >> > 'ansible.errors.AnsibleError'>, original message: with_dict expects a >> dict" >> > her is the last code : >> > >> > iam_managed_policy: >> > policy_name: "{{ item.name }}" >> > policy: "{{ item.policy }}" >> > state: present >> > loop: >> > >> - { name: "rds-{{ lookup('dict', mysql_privilege[0].value ) }} ", >> policy: "{{ lookup('template', 'template.json.j2') }}" } >> >> > >> # - { name: "rds-{{ lookup('nested', mysql_privilege[role] ) }} ", >> policy: "{{ lookup('template', 'template.json.j2') }}" } >> >> > vars: >> > mysql_privilege: >> > role: >> > - rw >> > - ro >> > regions: >> > - us-west-1 >> > - us-west-2 >> > >> >> What are the possible values for policy_name? The value for the "policy" >> seems to the same lookup so you don't need in >> the loop. >> >> I'm pretty sure that you are running into brick walls for a possibly >> simple problem. >> >> So please explain / give examples how the policy_name is constructed. >> >> Regards >> Racke >> >> > >> > >> > >> > Le mercredi 12 août 2020 à 17:27:22 UTC-7, Nick-H a écrit : >> > >> > Hi, I have been looking into /nested /, /subelements /and other >> /lookups /with no luck to make this working , using >> > ansible 2.8. >> > Basically , I'd like to construct a loop than can itself iterate over >> other variables (list or dict). >> > * iam_managed_policy:* >> > * policy_name: "{{ item.name <http://item.name> }}"* >> > * policy: "{{ item.policy }}"* >> > * state: present* >> > * loop:* >> > * - { name: "rds-{{mysql_privilege}}-{{regions}}", policy: >> "{{ lookup('template', template.json.j2') }}" }* >> > * vars:* >> > * mysql_privilege:** * >> > * - rw* >> > * - ro* >> > * regions: * >> > * - us-west-1* >> > * - us-west-2* >> > >> > but it end up with such result: >> > "Couldn't create policy rds-prod-[u'rw', u'ro'] - [u'ca-central-1', >> u'us-west-1']" >> > >> > What i d like is each loop would build a 2 dimensions array with the >> vars elements ( rw-us-west-1 , rw-us-west-2, >> > ro-us-west-1, ro-us-west-2) >> > >> > Is that even possible to achieve with ansible ? >> > thanks >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups "Ansible Project" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an email to >> > ansible-proje...@googlegroups.com <mailto: >> ansible-proje...@googlegroups.com>. >> > To view this discussion on the web visit >> > >> https://groups.google.com/d/msgid/ansible-project/bacb4345-c3a7-4663-9931-91b3f0225175n%40googlegroups.com >> >> > < >> https://groups.google.com/d/msgid/ansible-project/bacb4345-c3a7-4663-9931-91b3f0225175n%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> >> >> >> -- >> Ecommerce and Linux consulting + Perl and web application programming. >> Debian and Sympa administration. Provisioning with Ansible. >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5fbcc30f-c17f-4416-8f05-06cd320f2d4dn%40googlegroups.com.