Created an elasticache via Ansible - Get an Error "Use of cache security groups is not permitted in this API version for your account"

[Shih Oon Liong]

I was trying to provision a new memcached server via ansible 

- name: AWS | Create Redis
      local_action:
        module: elasticache
        region: sa-east-1
        name: "test-please-delete"
        state: present
        engine: memcached
        cache_engine_version: 1.4.14
        node_type: cache.m1.small
        num_nodes: 1
        cache_port: 11211
        cache_security_groups:
           - default
        zone: sa-east-1a

When I ran it I get the error " Use of cache security groups is not permitted in this API version for your account." This seems to only occur in Sau Paolo Region and every other reason. With the only exception being US East for example works fine. 

Any ideas where I can diagnose this - looking for this error on google shows me no lead thus far

[Michael DeHaan]

This I don't know, but it seems to be coming from the AWS side of the house and not our code or boto.

If no one else here knows an answer, I'd *perhaps* inquire with Amazon support if there's something different about that region.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/62d1ae16-e7f0-46f7-98d8-219d3e885040%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Dan Vaida]

For what it's worth, I get a different type of error message when I try to run something similar with Redis.

https://github.com/ansible/ansible/issues/7986

[Shih Oon Liong]

Thanks for the replies. I have posted a support on AWS Forum, so hopefully I get a reply back.

I have though manage to semi fixed it. It seems in some regions, AWS either 'cache_security_groups' to be empty OR 'security_group_ids' to be passed empty. The below seems to now work happily with AWS for some reason - my example uses Redis.

    - name: AWS | Create Database in Redis

      local_action:

        region: sa-east-1

        module: elasticache

        name: "test-please-delete3"

        state: present

        engine: redis

        cache_engine_version: 2.8.6

        node_type: cache.m1.small

        num_nodes: 1

        cache_port: 6379

        cache_security_groups: []

        security_group_ids:

          - sg-x1x1x1x1

        zone: sa-east-1a

Passing an empty list to 'cache_security_groups' seems to fix it fine. This is in ansible version 1.7.1

[Dhawal Patel]

I get the same error when trying to create a redis cache cluster using Cloud Formation template: "Use of cache security groups is not permitted in this API version for your account.". I'm creating a AWS::ElastiCache::SecurityGroup so I can allow access from my EC2 instances and it fails to create the SG.

[Michael DeHaan]

Yeah don't know how to help with this one.

Perhaps worth asking of AWS.

--

You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/834d9ebf-cd22-49ea-a5b5-e86128e9597a%40googlegroups.com.

[Tim Mahoney]

Hi Guys

I made a module for this, and submitted a Pull Request here: https://github.com/ansible/ansible-modules-core/pull/1137

Feel free to let me know if it gives you any issues.