I'm trying to create a security group but there's an error as below. Please
suggest where I'm going wrong.
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: ClientError: An error occurred (AuthFailure) when
calling the DescribeSecurityGroups operation: Credential must have exactly
5 slash-delimited elements, e.g. keyid/date/region/service/term, got
'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'
fatal: [localhost]: FAILED! => {"changed": false, "error": {"code":
"AuthFailure", "message": "Credential must have exactly 5 slash-delimited
elements, e.g. keyid/date/region/service/term, got
'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'"},
"msg": "Error in describe_security_groups: An error occurred (AuthFailure)
when calling the DescribeSecurityGroups operation: Credential must have
exactly 5 slash-delimited elements, e.g. keyid/date/region/service/term,
got
'Dt4q191m7+gPbrnkQfEZT9QUoIWDVyq0ous/TS76/20180121/ap-southeast-2/ec2/aws4_request,'",
"response_metadata": {"http_headers": {"date": "Sun, 21 Jan 2018 05:46:05
GMT", "server": "AmazonEC2", "transfer-encoding": "chunked"},
"http_status_code": 401, "request_id":
"49ed7240-3659-4bb5-9f8a-2aa4da77b2ce", "retry_attempts": 0}}
Please find below my playbook and role.
---
- hosts: localhost
become: yes
become_method: sudo
roles:
- { role: security }
Below my role.
- name: Bstar ec2 group
ec2_group:
name: bright_group
description: an example EC2 group
vpc_id: vpc-1abxxxxx
region: ap-southeast-2
aws_secret_key: XXXXXXXXXXXXXXXXXXXX
aws_access_key: Dt4q191m7+gPxxxxxxxxxxxxxxxxxxxxous/TS76
rules:
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 10.0.0.0/8
- proto: tcp
from_port: 443
to_port: 443
group_id: amazon-elb/sg-87654321/amazon-elb-sg
- proto: tcp
from_port: 3306
to_port: 3306
group_id: 123412341234/sg-87654321/exact-name-of-sg
- proto: udp
from_port: 10050
to_port: 10050
cidr_ip: 10.0.0.0/8
- proto: udp
from_port: 10051
to_port: 10051
group_id: sg-12345678
- proto: icmp
from_port: 8 # icmp type, -1 = any type
to_port: -1 # icmp subtype, -1 = any subtype
cidr_ip: 10.0.0.0/8
- proto: all
# the containing group name may be specified here
group_name: Bar_SecurityGroups
rules_egress:
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
cidr_ipv6: 64:ff9b::/96
group_name: example-other
# description to use if example-other needs to be created
group_desc: other example EC2 group
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f71bae3b-eeab-4454-9e5e-96abf46b72bd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
