Confused about windows passwords and working with ec2?

230 views
Skip to first unread message

Frank Perks

unread,
Sep 8, 2015, 2:27:37 PM9/8/15
to Ansible Project
Hi,

I am unsure exactly how i am supposed to handle and work with windows passwords when working with EC2 and inventories. I know i can query the passwords by using ec2_win_password, however i am unsure exactly how i can use this value to set the ansible_ssh_pass. For that connection.

For example:

- hosts: windows
  connection: local
  gather_facts: false
  tasks:
    ec2_win_password: <stuff>

Unfortunately this play will never work because all hosts in the windows group need to know their password. Manually defining all the windows passwords in hosts seems like a really really awful idea, but i am unsure exactly what i can do in this case. I can do a localhost play before this play to grab all the associated passwords using ec2_win_password, however that doesn't actually fix anything because i can't seem to find a way to set the ansible_ssh_pass fact using set_fact. 

I am lost and tired. What exactly am i supposed to do?

Brian Coca

unread,
Sep 8, 2015, 4:51:48 PM9/8/15
to Ansible Project
have you tried this?

- hosts: windows
gather_facts: false
tasks:

- ec2_win_password: <stuff>
connection: local

- set_fact: ansible_ssh_host="{{ ec2_win_password.whatver}}"

- do_other_stuff
--
Brian Coca

Frank Perks

unread,
Sep 9, 2015, 7:30:25 AM9/9/15
to Ansible Project
I didn't realize you can specify the ansible connection on a per task level!

That completely changes stuff!

I will give this a shot!

Frank Perks

unread,
Sep 9, 2015, 9:58:52 AM9/9/15
to Ansible Project
This does not actually work, i get 

FAILED! => {"failed": true, "msg": "ERROR! The module ec2_win_password was not found in configured module paths"}

I am assuming this is related to this issue: 
https://groups.google.com/forum/#!topic/ansible-project/PqwMiIHV0js

Trond Hindenes

unread,
Sep 9, 2015, 10:26:14 AM9/9/15
to Ansible Project
I've been bitten by "Connection: local" aswell. Could you try delegate_to: localhost instead and see if that works better for you?

Chris Church

unread,
Sep 9, 2015, 2:52:22 PM9/9/15
to ansible...@googlegroups.com
You may also want to check out my win-ec2 role as an example of fetching the passwords, adding them to inventory and generating a static inventory file:

https://github.com/cchurch/ansible-role-win-ec2/blob/master/tasks/main.yml#L79

(I use a renamed copy of the ec2_win_password module so the role will work with 1.9.x)


--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
 To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a07b05d3-d297-4451-b207-3f7034dfb111%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages