Error Creating Azure Security Group

[Steven Carter]

When I do the following in my playbook: 

   - name: Create CSR Security Group

      azure_rm_securitygroup:

        resource_group: '{{ resource_group }}'

        name: csr_security_group

        purge_rules: yes

        rules:

          - name: AllowSSH

            protocol: Tcp

            destination_port_range: 22

            access: Allow

            priority: 100

            direction: Inbound

I get the error:

TASK [Create CSR Security Group] ***********************************************

task path: /home/stevenca/ansible/azure/mk_azure_csr_node.yml:42

<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: stevenca

<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1467408964.56-63206774886516 `" && echo ansible-tmp-1467408964.56-63206774886516="` echo $HOME/.ansible/tmp/ansible-tmp-1467408964.56-63206774886516 `" ) && sleep 0'

<127.0.0.1> PUT /tmp/tmp0GW2R7 TO /home/stevenca/.ansible/tmp/ansible-tmp-1467408964.56-63206774886516/azure_rm_securitygroup

<127.0.0.1> EXEC /bin/sh -c 'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/stevenca/.ansible/tmp/ansible-tmp-1467408964.56-63206774886516/azure_rm_securitygroup; rm -rf "/home/stevenca/.ansible/tmp/ansible-tmp-1467408964.56-63206774886516/" > /dev/null 2>&1 && sleep 0'

An exception occurred during task execution. The full traceback is:

Traceback (most recent call last):

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 715, in <module>

    main()

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 712, in main

    AzureRMSecurityGroup()

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 539, in __init__

    supports_check_mode=True)

  File "/tmp/ansible_Bv3FoN/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py", line 173, in __init__

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 573, in exec_module

    results = create_network_security_group_dict(nsg)

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 488, in create_network_security_group_dict

    results['rules'].append(create_rule_dict_from_obj(rule))

  File "/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py", line 464, in create_rule_dict_from_obj

    protocol=rule.protocol.value,

AttributeError: 'unicode' object has no attribute 'value'

fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_name": "azure_rm_securitygroup"}, "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 715, in <module>\n    main()\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 712, in main\n    AzureRMSecurityGroup()\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 539, in __init__\n    supports_check_mode=True)\n  File \"/tmp/ansible_Bv3FoN/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\", line 173, in __init__\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 573, in exec_module\n    results = create_network_security_group_dict(nsg)\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 488, in create_network_security_group_dict\n    results['rules'].append(create_rule_dict_from_obj(rule))\n  File \"/tmp/ansible_Bv3FoN/ansible_module_azure_rm_securitygroup.py\", line 464, in create_rule_dict_from_obj\n    protocol=rule.protocol.value,\nAttributeError: 'unicode' object has no attribute 'value'\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}

At this point, I am running ansible 2.1.1.0 with azure python modules 2.0.0rc5.  I was able to create a resource group, vnet, and 2 x subnets, then got stuck here.

Thanks,

Steven.

[Steven Carter]

I forgot to mention that it actually creates the security group, it just has a problem with the return.  I had a similar behavior when trying to create nics.

Steven.

[Matt Davis]

Yep, twas another shape change in the Python SDK- they flattened a bunch of SDK values somewhere in there (where you used to have to dot into a "value" member). 

Should be fixed in 2.1.1RC2 and devel by https://github.com/ansible/ansible-modules-core/commit/de9959b129d927bc3a7c8022da1c7d84747763b8.