I had something like this happen to me recently when using 'become' in my playbook. It may be you're having a similar problem with your use of sudo.
You're logged in as the ubuntu user (presumably where you have these env vars set..via a bash unit script or via export or something) but your use of sudo is causing the playbook to be executed as the root user when Ansible runs the play. Presumably there are no env vars configured for root and thus the modules inability to find anything. So suggest you export your env vars in the root users config. Alternatively, create .aws/config and .aws/credentials as the root user. Or, try removing your use of sudo if your org's security policy allows -tim On Fri, Aug 23, 2019, 2:05 AM Dick Visser <[email protected]> wrote: > Not sure but could it be an issue that your environment vars are lowercase? > I know that the awscli tools expect them in uppercase. > > On Fri, 23 Aug 2019 at 02:27, Amit Kulkarni <[email protected]> wrote: > > > > Hi All, > > > > Need urgent help I am getting below error while creating S3 bucket using > playbook. > > > > AWS keys I have set up as Environmental variables. > > > > Let me know if I am missing anything. > > > > Below is the playbbok > > > > --- > > - hosts: localhost > > tasks: > > - name: Create an empty bucket > > aws_s3: > > aws_access_key: "{{ lookup('env','aws_key') }}" > > aws_secret_key: "{{ lookup('env','aws_secret') }}" > > bucket: mybucket > > mode: create > > permission: public-read > > -------------------------------------------------------------- > > > > ubuntu@ip-172-31-42-232:/etc/ansible$ sudo ansible-playbook s3.yml -vvv > > ansible-playbook 2.8.3 > > config file = /etc/ansible/ansible.cfg > > configured module search path = > [u'/home/ubuntu/.ansible/plugins/modules', > u'/usr/share/ansible/plugins/modules'] > > ansible python module location = > /usr/lib/python2.7/dist-packages/ansible > > executable location = /usr/bin/ansible-playbook > > python version = 2.7.12 (default, Nov 12 2018, 14:36:49) [GCC 5.4.0 > 20160609] > > Using /etc/ansible/ansible.cfg as config file > > host_list declined parsing /etc/ansible/hosts as it did not pass it's > verify_file() method > > script declined parsing /etc/ansible/hosts as it did not pass it's > verify_file() method > > auto declined parsing /etc/ansible/hosts as it did not pass it's > verify_file() method > > Parsed /etc/ansible/hosts inventory source with ini plugin > > PLAYBOOK: s3.yml > ******************************************************************************************************************************************************* > > 1 plays in s3.yml > > PLAY [localhost] > ******************************************************************************************************************************************************* > > TASK [Gathering Facts] > ************************************************************************************************************************************************* > > task path: /etc/ansible/s3.yml:2 > > <127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root > > <127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100 `" && echo > ansible-tmp-1566352417.53-61320358842100="` echo > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100 `" ) && sleep 0' > > Using module file > /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py > > <127.0.0.1> PUT > /home/ubuntu/.ansible/tmp/ansible-local-16195TKTGUm/tmpzD3QiP TO > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100/AnsiballZ_setup.py > > <127.0.0.1> EXEC /bin/sh -c 'chmod u+x > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100/ > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100/AnsiballZ_setup.py > && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c '/usr/bin/python > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100/AnsiballZ_setup.py > && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c 'rm -f -r > /root/.ansible/tmp/ansible-tmp-1566352417.53-61320358842100/ > /dev/null > 2>&1 && sleep 0' > > ok: [localhost] > > META: ran handlers > > TASK [Create an empty bucket] > ****************************************************************************************************************************************** > > task path: /etc/ansible/s3.yml:4 > > <127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root > > <127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878 `" && echo > ansible-tmp-1566352418.34-246931485115878="` echo > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878 `" ) && sleep > 0' > > Using module file > /usr/lib/python2.7/dist-packages/ansible/modules/cloud/amazon/aws_s3.py > > <127.0.0.1> PUT > /home/ubuntu/.ansible/tmp/ansible-local-16195TKTGUm/tmpleczvh TO > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878/AnsiballZ_aws_s3.py > > <127.0.0.1> EXEC /bin/sh -c 'chmod u+x > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878/ > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878/AnsiballZ_aws_s3.py > && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c '/usr/bin/python > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878/AnsiballZ_aws_s3.py > && sleep 0' > > <127.0.0.1> EXEC /bin/sh -c 'rm -f -r > /root/.ansible/tmp/ansible-tmp-1566352418.34-246931485115878/ > /dev/null > 2>&1 && sleep 0' > > The full traceback is: > > Traceback (most recent call last): > > File "/tmp/ansible_aws_s3_payload_6bl3f1/__main__.py", line 384, in > bucket_check > > s3.head_bucket(Bucket=bucket) > > File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line > 357, in _api_call > > return self._make_api_call(operation_name, kwargs) > > File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line > 648, in _make_api_call > > operation_model, request_dict, request_context) > > File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line > 667, in _make_request > > return self._endpoint.make_request(operation_model, request_dict) > > File "/usr/local/lib/python2.7/dist-packages/botocore/endpoint.py", > line 102, in make_request > > return self._send_request(request_dict, operation_model) > > File "/usr/local/lib/python2.7/dist-packages/botocore/endpoint.py", > line 132, in _send_request > > request = self.create_request(request_dict, operation_model) > > File "/usr/local/lib/python2.7/dist-packages/botocore/endpoint.py", > line 116, in create_request > > operation_name=operation_model.name) > > File "/usr/local/lib/python2.7/dist-packages/botocore/hooks.py", line > 356, in emit > > return self._emitter.emit(aliased_event_name, **kwargs) > > File "/usr/local/lib/python2.7/dist-packages/botocore/hooks.py", line > 228, in emit > > return self._emit(event_name, kwargs) > > File "/usr/local/lib/python2.7/dist-packages/botocore/hooks.py", line > 211, in _emit > > response = handler(**kwargs) > > File "/usr/local/lib/python2.7/dist-packages/botocore/signers.py", > line 90, in handler > > return self.sign(operation_name, request) > > File "/usr/local/lib/python2.7/dist-packages/botocore/signers.py", > line 157, in sign > > auth.add_auth(request) > > File "/usr/local/lib/python2.7/dist-packages/botocore/auth.py", line > 425, in add_auth > > super(S3SigV4Auth, self).add_auth(request) > > File "/usr/local/lib/python2.7/dist-packages/botocore/auth.py", line > 357, in add_auth > > raise NoCredentialsError > > NoCredentialsError: Unable to locate credentials > > fatal: [localhost]: FAILED! => { > > "boto3_version": "1.9.212", > > "botocore_version": "1.12.212", > > "changed": false, > > "invocation": { > > "module_args": { > > "aws_access_key": "", > > "aws_secret_key": "", > > "bucket": "mybucket", > > "debug_botocore_endpoint_logs": false, > > "dest": null, > > "dualstack": false, > > "ec2_url": null, > > "encrypt": true, > > "encryption_kms_key_id": null, > > "encryption_mode": "AES256", > > "expiry": 600, > > "headers": null, > > "ignore_nonexistent_bucket": false, > > "marker": "", > > "max_keys": 1000, > > "metadata": null, > > "mode": "create", > > "object": null, > > "overwrite": "always", > > "permission": [ > > "public-read" > > ], > > "prefix": "", > > "profile": null, > > "region": null, > > "retries": 0, > > "rgw": false, > > "s3_url": null, > > "security_token": null, > > "src": null, > > "validate_certs": true, > > "version": null > > } > > }, > > "msg": "Failed while looking up bucket (during bucket_check) > mybucket.: Unable to locate credentials" > > } > > PLAY RECAP > ************************************************************************************************************************************************************* > > localhost : ok=1 changed=0 unreachable=0 > failed=1 skipped=0 rescued=0 ignored=0 > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ansible Project" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/6f4720f9-66bc-4af9-be2c-e677128488ba%40googlegroups.com > . > > > > -- > Dick Visser > Trust & Identity Service Operations Manager > GÉANT > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAL8fbwO0SEdvtfoWxPxPBsXw76BmJQdLqV5g09%2BBKSexEwaM0Q%40mail.gmail.com > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAB0Zv8jBtqJAbkVnpAsFjoEcHEfyHcKR6jVTamFXeWecioNwvA%40mail.gmail.com.
