Problems using AWS Dynamic Inventory with STS Profiles

351 views
Skip to first unread message

Ric

unread,
May 22, 2017, 10:19:12 AM5/22/17
to Ansible Project
ANSIBLE VERSION
ansible 2.3.0.0
  config file = 
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Aug  2 2016, 04:20:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]

CONFIGURATION

https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.ini


OS / ENVIRONMENT

RHEL 7 on AWS


SUMMARY

I'm working in an environment where I need to assume a cross account role in all my AWS accounts where I want to run Ansible.

I am looking to use AWS shared credentials files to define profiles for the various roles I need to assume for the different accounts.

Is this even possible currently? I have searched and read a couple of issues but have been unable to find a resolution.



STEPS TO REPRODUCE

run aws configure to setup the default credentials and also setup a profile for a cross account role, access keys are only set for the default profile


.aws/config

[default]
output = json
region = eu-west-1

[profile test]
role_arn = arn:aws:iam::123456789012:role/test
source_profile = default


./ec2.py --list works as expected and provides details from the default account, as does AWS_PROFILE=default ./ec2.py --list


However, both ./ec2.py --list --profile=test and AWS_PROFILE=test ./ec2.py --list do not work


While searching I found #15215 which references an ec2.py script that enables ./ec2.py --list --profile test to work but not AWS_PROFILE=test ./ec2.py --list


This is no use because there is no way to use it with ansible and ansible-playbook commands if it is not using the env variable given the lack of profile flag right?


For all the failed attempts above the error is boto.provider.ProfileNotFoundError: Profile "test" not found!


Any help with this would be very much appreciated.

Reply all
Reply to author
Forward
0 new messages