小贝子编程

如何使用Ansible的iam_module获取访问密钥



我正在使用Ansible创建AWS用户。Ansible的一个功能是创建一个具有访问密钥的用户。我想知道在成功创建用户后如何获取访问密钥。

http://docs.ansible.com/ansible/iam_module.html

tasks:
- name: Create two new IAM users with API keys
  iam:
    iam_type: user
    name: "{{ item }}"
    state: present
    password: "{{ temp_pass }}"
    access_key_state: create
  with_items:
    - user

我在2.0.1.0中尝试过。应在2.0.0.2中工作。

  tasks:
  - iam:
      iam_type: user
      name: foo
      state: present
      access_key_state: create
    register: credentials
  - debug: var=credentials

输出

[debug] *******************************************************************
ok: [127.0.0.1] => {
    "credentials": {
        "changed": false,
        "groups": null,
        "keys": {
            "AKIAXXXXXXXXXXTTGFXX": "Active"
        },
        "user_name": "foo"
    }
}

从Ansible 2.0.1.0开始,不可能获得该秘密。这是一个bug。请参阅iam模块,该模块对管理访问密钥不太有用

与此同时(我使用的是Ansible 2.3.2.0),该问题已成功修复:

- name: Create restricted bot user to access S3
  iam:
    iam_type: user
    name: blubaa  
    state: present
    access_key_state: create
  connection: local
  register: credentials
- debug: var=credentials

输出:

ok: [XXXXXXXXXX] => {
    "credentials": {
        "changed": true, 
        "groups": null, 
        "keys": [
            {
                "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                "create_date": "2017-08-26T01:04:05Z", 
                "status": "Active", 
                "user_name": "blubaa"
            }
        ], 
        "user_meta": {
            "access_keys": [
                {
                    "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                    "access_key_selector": "XXXX", 
                    "create_date": "2017-08-26T01:04:05.720Z", 
                    "secret_access_key": "wPwd2H0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkHB08Elo", 
                    "status": "Active", 
                    "user_name": "blubaa"
                }
            ], 
            "created_user": {
                "arn": "arn:aws:iam::30XXXXXXXXXX:user/blubaa", 
                "create_date": "2017-08-26T01:04:05.557Z", 
                "path": "/", 
                "user_id": "AIDAXXXXXXXXXXOYT7M", 
                "user_name": "blubaa"
            }, 
            "password": null
        }
    }
}

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium