Re: [ansible-project] aws_s3 - not sure if I understand how to use
245 views
Skip to first unread message
Dick Visser
Feb 17, 2020, 5:33:21 AM2/17/20
to ansible...@googlegroups.com
As you are beginning with ansible, start with the simplest option,
which is just a single playbook file, and don't bother with roles yet.
Something like this should already work to create a bucket:
- hosts: localhost
gather_facts: False
tasks:
- name: Create S3 Bucket
aws_s3:
bucket: my-bucket
mode: create
permission: private-read
region: us-east-1
Provided your environment contains AWS_SECRET_ACCESS_KEY and
AWS_ACCESS_KEY_ID. Read
https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html
on how that works.
Please note that 'private-read' isn't a valid option for the
permission, see
https://docs.ansible.com/ansible/latest/modules/aws_s3_module.html#parameter-permission
for the supported values.
Dick
On Mon, 17 Feb 2020 at 06:56, David Rivera <david.r...@gmail.com> wrote:
>
>
>
> So I wondering if ansible supports s3, from what I see it does but I just might not understand how to do it. Im a novice at Ansible, esp in the realm of using it in conjunction with AWS.
>
> So I *think* I have to create a role and call it in my playbook?
>
> my role for learning is: s3-create.yml
> - name: Create S3 Bucket
> aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
>
> my playbook:
> key_name: my-key
> vpc_subnet_id: subnet-02439
> roles:
> - s3-create
> assign_public_ip: yes
> group: my-group
>
>
> when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible] ***********************************************************************************
>
> TASK [Gathering Facts] ***********************************************************************************************************
> ok: [localhost]
>
> TASK [Start New ec2 Instance] ****************************************************************************************************
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (ec2) module: roles Supported parameters include: assign_public_ip, aws_access_key, aws_secret_key, count, count_tag, debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group, group_id, id, image, instance_ids, instance_initiated_shutdown_behavior, instance_profile_name, instance_tags, instance_type, kernel, key_name, monitoring, network_interfaces, placement_group, private_ip, profile, ramdisk, region, security_token, source_dest_check, spot_launch_group, spot_price, spot_type, spot_wait_timeout, state, tenancy, termination_protection, user_data, validate_certs, volumes, vpc_subnet_id, wait, wait_timeout, zone"}
>
> PLAY RECAP ***********************************************************************************************************************
> localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
> r code here...
>
>
> From what I read, you cant do it, but that contradicts ansible's docs so I think I just dont know what I am doing..
>
>
> any help would be appreciated..
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
which is just a single playbook file, and don't bother with roles yet.
Something like this should already work to create a bucket:
- hosts: localhost
gather_facts: False
tasks:
- name: Create S3 Bucket
aws_s3:
bucket: my-bucket
mode: create
permission: private-read
region: us-east-1
Provided your environment contains AWS_SECRET_ACCESS_KEY and
AWS_ACCESS_KEY_ID. Read
https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html
on how that works.
Please note that 'private-read' isn't a valid option for the
permission, see
https://docs.ansible.com/ansible/latest/modules/aws_s3_module.html#parameter-permission
for the supported values.
Dick
On Mon, 17 Feb 2020 at 06:56, David Rivera <david.r...@gmail.com> wrote:
>
>
>
> So I wondering if ansible supports s3, from what I see it does but I just might not understand how to do it. Im a novice at Ansible, esp in the realm of using it in conjunction with AWS.
>
> So I *think* I have to create a role and call it in my playbook?
>
> my role for learning is: s3-create.yml
> - name: Create S3 Bucket
> aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
>
> my playbook:
> key_name: my-key
> vpc_subnet_id: subnet-02439
> roles:
> - s3-create
> assign_public_ip: yes
> group: my-group
>
>
> when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible] ***********************************************************************************
>
> TASK [Gathering Facts] ***********************************************************************************************************
> ok: [localhost]
>
> TASK [Start New ec2 Instance] ****************************************************************************************************
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (ec2) module: roles Supported parameters include: assign_public_ip, aws_access_key, aws_secret_key, count, count_tag, debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group, group_id, id, image, instance_ids, instance_initiated_shutdown_behavior, instance_profile_name, instance_tags, instance_type, kernel, key_name, monitoring, network_interfaces, placement_group, private_ip, profile, ramdisk, region, security_token, source_dest_check, spot_launch_group, spot_price, spot_type, spot_wait_timeout, state, tenancy, termination_protection, user_data, validate_certs, volumes, vpc_subnet_id, wait, wait_timeout, zone"}
>
> PLAY RECAP ***********************************************************************************************************************
> localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
> r code here...
>
>
> From what I read, you cant do it, but that contradicts ansible's docs so I think I just dont know what I am doing..
>
>
> any help would be appreciated..
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
David Rivera
Feb 17, 2020, 1:08:33 PM2/17/20
to ansible...@googlegroups.com
Hi,
That was the weird thing. When I run it it gives me this error.
ERROR! aws_s3 is not a valid attribute for a Play.
This is the only reason why I started to try a different avenue..
Oh well..
Thanks
David
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwO%3DgOdeAi8wZ0Ggk%2BoNRMYQyH8tpt1D%3DBa_0xxtsKP9aw%40mail.gmail.com.
Amit Kulkarni
Feb 17, 2020, 1:15:24 PM2/17/20
to Ansible Project
Ansible supports S3 and all the operations supported by S3 API. You have to make sure that you have access to AWS CLI and also install python boto.
This is the framework used for calling AWS API via ansible.
Also make sure that name you have giving to bucket should be unique when you are writing the playbook.
Regards
Amit
Dick Visser
Feb 17, 2020, 1:22:36 PM2/17/20
to ansible...@googlegroups.com
I now see that the error you’re getting isn’t from the aws_s3 taks that you posted.
Instead it’s from an ec2 task - that you did NOT provide. This is quite frustrating -
next time provide ALL the information and not leave people in the dark please...
Thx
Sent from a mobile device - please excuse the brevity, spelling and punctuation.
David Rivera
Feb 17, 2020, 1:25:00 PM2/17/20
to ansible...@googlegroups.com
Hi,
I do have AWS cli and boto3 installed as I use those almost on a daily basis.
Yes,
Thank you for the heads up on the s3 bucket, I just changed it in my post..
Thanks,
David
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAON3ZR0wnyJ0H5ocOvz-cHFZnR3Bksegi26wk6qzx_eiiyE0iA%40mail.gmail.com.
David Rivera
Feb 17, 2020, 1:43:11 PM2/17/20
to ansible...@googlegroups.com
I’m sorry,
I get it since you are just trying to help.
Again sorry
Thanks
David
Angel Rengifo Cancino
Feb 17, 2020, 8:43:34 PM2/17/20
to ansible...@googlegroups.com
Hello:
my role for learning is: s3-create.yml
This piece of code looks good.
my playbook:
This short piece of code looks wrong. Is it part of the same playbook or role? Did you remove the previous line of the task? Based on these few lines and your indentation I can't guess what are you trying to do. What module are you using?
when I run it, I get this:
I guess you're trying to use the ec2_instance module, but we can see your hole code, so it's hard to help you
Copy all your relevant lines from aws_s3 and ec2_instance modules here in your message so we can understand what's wrong.
David Rivera
Feb 17, 2020, 11:07:00 PM2/17/20
to ansible...@googlegroups.com
Hi I actually did edit my original post yesterday with everything I am doing. it is basic stuff, but since I have never really used Ansible much but for a few adhoc tasks, it is just all I know.
Anyways, I was able to figure out how to create a bucket. doing this: now this is not using roles. Yes, I do not really understand the structure of roles yet but I will deal with that later.
How I got it to work cor creating the bucket. Note I was also able to get the creation to work using the aws_s3 module also , but when I wanted to add a policy I noticed I had to use the s3_bucket module.
---
# Create an S3 bucket using a policy
#
#
- hosts: localhost
gather_facts: no
connection: local
tasks:
- s3_bucket:
name: mybucket
policy: "{{ lookup( 'file','test_policy.json' )}}"
versioning: yes
tags:
Name: foo
Environment: bar
# Create an S3 bucket using a policy
#
#
- hosts: localhost
gather_facts: no
connection: local
tasks:
- s3_bucket:
name: mybucket
policy: "{{ lookup( 'file','test_policy.json' )}}"
versioning: yes
tags:
Name: foo
Environment: bar
The json policy in my same CWD.
What I am trying to honestly do is find additional ways to manage our AWS environment, I am curious if for a decent amount of day to day tasks we can leverage Ansible.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAA3McK_Z29tq7uyXz99QZqWh5gPjMiv6nAvzT4SLPjSBuHCPDg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages