IAM Module does not support tag


MarkM

Oct 30, 2019, 9:49:28 AM
to Ansible Development
Hey guys,

I'm an Ansible noob and was using the AWS IAM module to create users, and I noticed this module does not support tagging. Does anyone have any ideas how this can be achieved, or if this will be an added feature?

Thanks

MarkM

Oct 30, 2019, 9:51:48 AM
to Ansible Development

Greg Pirker

Oct 30, 2019, 10:20:22 AM
to Ansible Development
I have had to do something like this to query IAM for information. I attacked my issue by shelling out and running an AWS CLI command (and passing aws_access_key, aws_secret_key and aws_region as variables):

  export AWS_ACCESS_KEY_ID={{aws_access_key}}; export AWS_SECRET_ACCESS_KEY={{aws_secret_key}};/bin/aws iam list-roles --query 'Roles[*].[\"RoleName\",\"Arn\"]' --output text --region {{aws_region}} 


In your case, you might do something like this in Ansible by adding two new variables: user_name and tags (YMMV as I wrote this at the browser; not sure if it's syntactically correct):

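  - name: Set fact for user name
    set_fact:
      user_name: "Some user name"

  - name: Set IAM user tags
    set_fact:
      iam_user_tags:
        user_tag1: "same_value"
        user_tag2: "same_value"
        user_tag3: "same_value"

  # aws iam tag-user expects a list of Key/Value pairs, so the dict is converted
  # to JSON ([{"Key": ..., "Value": ...}]) and each templated value is shell-quoted.
  # dict2items with key_name/value_name needs Ansible 2.8 or later.
  - name: Set tags for user using AWS CLI
    shell: "export AWS_ACCESS_KEY_ID={{ aws_access_key }}; export AWS_SECRET_ACCESS_KEY={{ aws_secret_key }}; /bin/aws iam tag-user --user-name {{ user_name | quote }} --tags {{ iam_user_tags | dict2items(key_name='Key', value_name='Value') | to_json | quote }}"
    no_log: true  # keep the secret key out of task output and logs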

Honestly, I would probably attack this with a library using python/boto3. If you have time, it's pretty easy to build and run.
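The python/boto3 route mentioned at the end of the reply above, sketched as an added example (not part of the thread and not Ansible's own module code). The helper names, the `example-user` name and the sample tags are assumptions; the calls used are boto3's IAM `list_user_tags` and `tag_user`, and credentials come from boto3's default credential chain instead of the command line.

```python
"""Idempotent IAM user tagging with boto3 (added example, not from the thread)."""

MAX_TAGS, MAX_KEY_LEN, MAX_VALUE_LEN = 50, 128, 256  # IAM per-user tag limits


def to_iam_tags(tags):
    """Turn {"key": "value"} into the [{"Key": ..., "Value": ...}] list IAM expects."""
    if len(tags) > MAX_TAGS:
        raise ValueError(f"IAM allows at most {MAX_TAGS} tags per user")
    result = []
    for key, value in sorted(tags.items()):
        key, value = str(key), str(value)
        if not key or len(key) > MAX_KEY_LEN:
            raise ValueError(f"tag key must be 1-{MAX_KEY_LEN} characters: {key!r}")
        if len(value) > MAX_VALUE_LEN:
            raise ValueError(f"value for tag {key!r} exceeds {MAX_VALUE_LEN} characters")
        result.append({"Key": key, "Value": value})
    return result


def current_tags(iam, user_name):
    """Read every tag on the user, following IsTruncated/Marker pagination."""
    found, kwargs = {}, {"UserName": user_name}
    while True:
        page = iam.list_user_tags(**kwargs)
        found.update({t["Key"]: t["Value"] for t in page["Tags"]})
        if not page.get("IsTruncated"):
            return found
        kwargs["Marker"] = page["Marker"]


def ensure_user_tags(iam, user_name, tags):
    """Apply only missing or changed tags; return them (empty list means no change)."""
    existing = current_tags(iam, user_name)
    pending = [t for t in to_iam_tags(tags) if existing.get(t["Key"]) != t["Value"]]
    if pending:
        iam.tag_user(UserName=user_name, Tags=pending)
    return pending


if __name__ == "__main__":
    import boto3  # imported here so the helpers can be tested without AWS access

    # Constructed sample values; the tag names mirror the playbook sketch above.
    sample_tags = {"user_tag1": "same_value", "user_tag2": "same_value"}
    changed = ensure_user_tags(boto3.client("iam"), "example-user", sample_tags)
    print("changed" if changed else "ok", changed)
```

Because the function returns only the tags it had to write, a wrapper can report "changed" the way an Ansible module would and stay quiet on repeat runs.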