Hello, I'm trying to use the ec2_win_password module to retrieve the default Administrator password for an EC2 instance. I had a play working and then upgraded to Ansible 2.4. I added the cryptography module as the notes indicate. My play continually fails returning a message that it can't parse the key file (and the key file is not encrypted).
I ran a test where I encrypted the key file and provided a passphrase in the play and things did work successfully. Would anyone have any thoughts on why this might be failing with an unecrypted key and no password? Below is the debug output from the play. It kind of feels to me like it thinks a password is being given even though I don't mention the parameter in the play. As such, it's existing because the key is not encrypted. Thank you Ryan ansible-playbook 2.4.0.0 config file = None configured module search path = [u'/Users/rhowe/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /Library/Python/2.7/site-packages/ansible executable location = /usr/local/bin/ansible-playbook python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)] No config file found; using defaults setting up inventory plugins Parsed /etc/ansible/hosts inventory source with ini plugin Loading callback plugin default of type stdout, v2.0 from /Library/Python/2.7/site-packages/ansible/plugins/callback/__init__.pyc PLAYBOOK: 03_retrieve_admin_password.yml ********************************************************************************************************************************************* 1 plays in 03_retrieve_admin_password.yml PLAY [localhost] ********************************************************************************************************************************************************************* META: ran handlers TASK [Get Administrator Password] **************************************************************************************************************************************************** task path: /Users/rhowe/ansible_scripts/03_retrieve_admin_password.yml:10 Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/_text.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/basic.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/ec2.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/six/__init__.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/parsing/convert_bool.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/parsing/__init__.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/pycompat24.py Using module_utils file /Library/Python/2.7/site-packages/ansible/module_utils/cloud.py Using module file /Library/Python/2.7/site-packages/ansible/modules/cloud/amazon/ec2_win_password.py <127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: rhowe <127.0.0.1> EXEC /bin/sh -c 'echo ~ && sleep 0' <127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967 `" && echo ansible-tmp-1506010305.03-241574263221967="` echo /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967 `" ) && sleep 0' <127.0.0.1> PUT /var/folders/92/sndgxv6s3dnfhpptzcbf98k80000gn/T/tmpwA8R2C TO /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py <127.0.0.1> EXEC /bin/sh -c 'chmod u+x /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py && sleep 0' <127.0.0.1> EXEC /bin/sh -c '/usr/bin/python /Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py; rm -rf "/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/" > /dev/null 2>&1 && sleep 0' The full traceback is: File "/var/folders/92/sndgxv6s3dnfhpptzcbf98k80000gn/T/ansible_vLagCP/ansible_module_ec2_win_password.py", line 167, in main key = load_pem_private_key(f.read(), b_key_passphrase, BACKEND) File "/Library/Python/2.7/site-packages/cryptography/hazmat/primitives/serialization.py", line 20, in load_pem_private_key return backend.load_pem_private_key(data, password) File "/Library/Python/2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1006, in load_pem_private_key password, File "/Library/Python/2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1231, in _load_key "Password was given but private key is not encrypted.") fatal: [localhost]: FAILED! => { "changed": false, "failed": true, "invocation": { "module_args": { "aws_access_key": "xxxxxxxxxxxx", "aws_region": "us-east-1", "aws_secret_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "ec2_url": null, "instance_id": "i-xxxxxxxx", "key_file": "/Users/rhowe/Documents/ssh_keys/KeyFileName.pem", "key_passphrase": null, "profile": null, "region": "us-east-1", "security_token": null, "validate_certs": true, "wait": false, "wait_timeout": "120" } }, "msg": "unable to parse key file" } -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a678f8d7-b572-49c9-98de-b6b9aef27c8c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.