azure_rm_resourcegroup_info usage help

Shawn Singh

unread,

Mar 15, 2023, 10:53:31 AM3/15/23

to Ansible Project

Hello,

I have a playbook where I am calling my az commands via the command module.

It works as expected.

I'm trying to convert it to PoSH (different thread) and as I'm seeing some issues there, falling back to using specific Azure Modules.

When I execute the following playbook, it fails.

My intent is just to check for the existence of a resource group, authenticating using service principal.

I've got more int he original playbook; however, trying to start small, so I've only coded a couple tasks.

# get the subscription_id, client_id, tenant, secret

- name: read secret

include_vars:

file: ../files/spsecret

no_log: true

# check if resource group exists, pass in the args retrieved in previous step for authentication

- name: check if the rg already exists

azure.azcollection.azure_rm_resourcegroup_info:

name: "np-{{ custom_name }}-rg-east"

subscription_id: "{{ sub_id }}"

client_id: "{{ sp }}"

secret: "{{ secret }}"

tenant: "{{ tenant }}"

register: rg_exists

The full traceback is:

Traceback (most recent call last):

File "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", line 107, in <module>

_ansiballz_main()

File "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", line 99, in _ansiballz_main

invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)

File "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", line 47, in invoke_module

runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', _modlib_path=modlib_path),

File "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 224, in run_module

return _run_module_code(code, init_globals, run_name, mod_spec)

File "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 96, in _run_module_code

_run_code(code, mod_globals, init_globals,

File "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", line 86, in _run_code

exec(code, run_globals)

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", line 235, in <module>

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", line 231, in main

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", line 160, in __init__

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 472, in __init__

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", line 174, in exec_module

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", line 194, in get_item

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 1070, in rm_client

File "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 920, in get_mgmt_svc_client

TypeError: ResourceManagementClient.__init__() missing 1 required positional argument: 'credential'.

Not getting what is causing the error as I'm passing the parameters required for service principal auth.

In addition, I tried having a az login task, removing the service principal stuff from the 'check if the rg already exists' task. The az login worked... but the task failed with the same error.

This is my version of ansible and ansible-core:

ansible 7.3.0

ansible-core 2.14.3

Here's more details about my environment:

ansible [core 2.14.3]

config file = None

configured module search path = ['/Users/j8683/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']

ansible python module location = /Users/j8683/Library/Python/3.9/lib/python/site-packages/ansible

ansible collection location = /Users/j8683/.ansible/collections:/usr/share/ansible/collections

executable location = /Users/j8683/Library/Python/3.9/bin/ansible

python version = 3.9.6 (default, Sep 26 2022, 11:37:49) [Clang 14.0.0 (clang-1400.0.29.202)] (/Library/Developer/CommandLineTools/usr/bin/python3)

jinja version = 3.1.2

libyaml = True

Thanks,

Shawn

Rowe, Walter P. (Fed)

unread,

Mar 15, 2023, 11:04:23 AM3/15/23

to ansible...@googlegroups.com

TypeError: ResourceManagementClient.__init__() missing 1 required positional argument: 'credential'.

What kind of authentication have you configured?

https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5adb2e0b-b12e-4775-bfae-7d00c8c3144an%40googlegroups.com.

Shawn Singh

unread,

Mar 15, 2023, 12:11:25 PM3/15/23

to Ansible Project

I have a service principal for authentication.

Based on this bullet:

To authenticate via service principal, pass subscription_id, client_id, secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.

My takeaway is that I need to supply the subscription_id, client_id, tenant, and secret to tell Ansible that I want to authenticate using service principal.

Since the module accepts subscription_id, client_id, tenant, and secret, I'm passing the values to the module, figuring the module will attempt to perform authentication using my service principal.

I'm not getting an authentication failed type of message, so it seems that the module isn't using the values I'm supplying.

To test this out, I tried to set auth_source to "credential_file", as I've got the parameters required for service principal authentication stored in the default location (~/.azure/credentials); however, it fails the same way, so my guess is the module needs something so that when the constructor gets called ... it can create the object; however, I don't see what I'm missing.

Thanks,

Shawn

Rowe, Walter P. (Fed)

unread,

Mar 15, 2023, 12:23:58 PM3/15/23

to ansible...@googlegroups.com

Given how they are presented in all caps and it says "environment variables" then you need to make them ENVIRONMENT variables (ie Linux env vars) – not parameters to the task module.

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/848506f1-26c8-4705-8fb7-ad5e3a1d8be4n%40googlegroups.com.

Shawn Singh

unread,

Mar 15, 2023, 1:19:54 PM3/15/23

to Ansible Project

I'm reading that as a way to do it (note the 'or'...), not the only way to do it...

or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.

While I can try it out for test purposes, I'm trying to avoid setting the values in environment variables.

I appreciate your feedback.

Shawn

Shawn Singh

unread,

Mar 22, 2023, 3:20:21 PM3/22/23

to Ansible Project

I opened an issue with the github project.

Short answer, I needed to force upgrade azure/azcollection from 1.14 to 1.15.

For more detail:
https://github.com/ansible-collections/azure/issues/1111