我正在尝试在 AWS 上的我的 EC2 实例上第一次运行 ansible,但每次我尝试运行 play 时,我都无法绕过此错误消息:
PLAY [localhost]
**************************************************************
TASK: [make one instance]
*****************************************************
failed: [localhost] => {"failed": true} msg: No handler was ready to
authenticate. 1 handlers were checked. ['HmacAuthV4Handler'] Check
your credentials
FATAL: all hosts have already failed -- aborting
PLAY RECAP
********************************************************************
to retry, use: --limit @/home/ubuntu/ans_test.retry
localhost : ok=0 changed=0 unreachable=0
failed=1
我认为我的IAM用户和组的权限可能存在问题。我已将我的IAM用户和组分别分配了ReadOnlyAccess、AdministratorAccess和PowerUserAccess权限。我有一组访问ID和秘密访问密钥,我正在使用以下命令将其设置为环境变量:
export AWS_ACCESS_KEY_ID='AK123'
export AWS_SECRET_ACCESS_KEY='abc123'
把我的实际id和key值替换为“AK123”和“abc123”。为了使ansible ec2任务起作用,我还需要做什么?
更新:
我已经解决了这个问题,我想我并没有真正理解环境变量是什么。我通过在我的ec2任务中设置aws_access_key和aws_secret_key来解决了这个问题,下面是我的工作剧本。
- hosts: localhost
connection: local
gather_facts: False
tasks:
#this task creates 5 ec2 instances that are all named demo and are copies of the image specified
- name: Provision a set of instances
ec2:
aws_access_key: .....
aws_secret_key: ....
key_name: .....
group: .....
instance_type: t2.micro
image: ......
region: us-east-1
ec2_url: .......
wait: true
exact_count: 5
count_tag:
Name: Demo
instance_tags:
Name: Demo
register: ec2
我想现在我需要开始使用Ansible Vault来保存我的密钥和ID。
command: " export AWS_ACCESS_KEY_ID='AK123' && export AWS_SECRET_ACCESS_KEY='abc123' && actual command"
? - Henrik Pingel