How do I get the access key using Ansible's iam_module?

Ist*_*van 8 amazon-web-services amazon-iam ansible

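I am using Ansible to create AWS users. One of Ansible's features is creating a user with an access key. I would like to know how I can get the access key after the user has been successfully created.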

http://docs.ansible.com/ansible/iam_module.html

tasks:
- name: Create two new IAM users with API keys
  iam:
    iam_type: user
    name: "{{ item }}"
    state: present
    password: "{{ temp_pass }}"
    access_key_state: create
  with_items:
    - user

hel*_*loV 6

I tried this with 2.0.1.0. It should work with 2.0.0.2.

  tasks:
  - iam:
      iam_type: user
      name: foo
      state: present
      access_key_state: create
    register: credentials
  - debug: var=credentials

produces

[debug] *******************************************************************
ok: [127.0.0.1] => {
    "credentials": {
        "changed": false,
        "groups": null,
        "keys": {
            "AKIAXXXXXXXXXXTTGFXX": "Active"
        },
        "user_name": "foo"
    }
}

As of Ansible 2.0.1.0, it is not possible to get the secret. This is a bug. See "iam module not very useful for managing access keys".

  • It is not possible to get the secret right now. See my update. (2 upvotes)

小智 5

In the meantime (I am using Ansible 2.3.2.0), the issue has been successfully resolved:

- name: Create restricted bot user to access S3
  iam:
    iam_type: user
    name: blubaa  
    state: present
    access_key_state: create
  connection: local
  register: credentials

- debug: var=credentials

Output:

ok: [XXXXXXXXXX] => {
    "credentials": {
        "changed": true, 
        "groups": null, 
        "keys": [
            {
                "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                "create_date": "2017-08-26T01:04:05Z", 
                "status": "Active", 
                "user_name": "blubaa"
            }
        ], 
        "user_meta": {
            "access_keys": [
                {
                    "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                    "access_key_selector": "XXXX", 
                    "create_date": "2017-08-26T01:04:05.720Z", 
                    "secret_access_key": "wPwd2H0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkHB08Elo", 
                    "status": "Active", 
                    "user_name": "blubaa"
                }
            ], 
            "created_user": {
                "arn": "arn:aws:iam::30XXXXXXXXXX:user/blubaa", 
                "create_date": "2017-08-26T01:04:05.557Z", 
                "path": "/", 
                "user_id": "AIDAXXXXXXXXXXOYT7M", 
                "user_name": "blubaa"
            }, 
            "password": null
        }
    }
}
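
An added example, not part of the original answers: the `debug: var=credentials` task above prints `secret_access_key` into the play output, so a playbook that is run for real would normally suppress that and write the key pair somewhere with restricted permissions. This variant assumes the return structure shown in the 2.3.2.0 output above; the destination path is hypothetical.

```yaml
# Added example (not from the original answers).
# Assumes the registered result has the shape shown in the 2.3.2.0 output:
#   credentials.user_meta.access_keys[].secret_access_key
- name: Create restricted bot user to access S3
  iam:
    iam_type: user
    name: blubaa
    state: present
    access_key_state: create
  connection: local
  register: credentials
  no_log: true   # keep the module result, including the secret, out of output and logs

# AWS returns the secret only when the key is created, so it has to be
# captured in the same run; the guard skips the task when no new key is present.
- name: Store the new key pair in a file readable only by the current user
  copy:
    dest: "./blubaa.credentials"   # hypothetical path, choose a protected location
    mode: "0600"
    content: |
      aws_access_key_id={{ credentials.user_meta.access_keys[0].access_key_id }}
      aws_secret_access_key={{ credentials.user_meta.access_keys[0].secret_access_key }}
  delegate_to: localhost
  no_log: true   # the rendered file content would otherwise appear in verbose output
  when:
    - credentials.user_meta is defined
    - credentials.user_meta.access_keys | length > 0
```

The registered variable still holds the secret in memory for the rest of the play, so any later task that references `credentials` needs `no_log: true` as well.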