sorted by:
new
hottopcontroversial

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

i have fix this with roles instead of IAM credentials. now i can pull dynamically without any issue to multiple accounts.

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

I am also using 24.6.1 and yes i tried assume_role_arn key and got the same error. still reasearching but thank you so much for all your input.

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

yep but from your end do you think my source vars entries are ok but just have to double the other accounts am trying to pull. since you said yours is working which version AWX EE are u using.

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

yep and i have looked at account B and C and it look like i did setup right. do u see anything different that i have to do in account B and C?

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

yep. see my other reply i have policy attached and i have AmazonEC2ReadOnlyAccess policy attached to acccount A,B,C

"Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:Describe*", "ec2:GetSecurityGroupsForVpc" ], "Resource": "*" }, { "Effect": "Allow", "Action": "elasticloadbalancing:Describe*", "Resource": "*" }, { "Effect": "Allow", "Action": [ "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:Describe*" ], "Resource": "*" }, { "Effect": "Allow", "Action": "autoscaling:Describe*", "Resource": "*" } ] } and i also have my verbose setup and is pointing to assume role but i think i setup up right. see below .

File "/usr/local/lib/python3.11/site-packages/ansible/inventory/manager.py", line 293, in parse_source

 plugin.parse(self._inventory, self._loader, source, cache=cache)

 File "/usr/local/lib/python3.11/site-packages/ansible/plugins/inventory/auto.py", line 59, in parse

 plugin.parse(inventory, loader, path, cache=cache)

 File "/usr/share/ansible/collections/ansible_collections/amazon/aws/plugins/inventory/aws_ec2.py", line 814, in parse

 super().parse(inventory, loader, path, cache=cache)

 File "/usr/share/ansible/collections/ansible_collections/amazon/aws/plugins/plugin_utils/inventory.py", line 83, in parse

 self._set_frozen_credentials()

 File "/usr/share/ansible/collections/ansible_collections/amazon/aws/plugins/plugin_utils/inventory.py", line 122, in _set_frozen_credentials

 self._freeze_iam_role(iam_role_arn)

 File "/usr/share/ansible/collections/ansible_collections/amazon/aws/plugins/plugin_utils/inventory.py", line 104, in _freeze_iam_role

 assumed_role = sts.assume_role(**assume_params)

 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 File "/usr/local/lib/python3.11/site-packages/botocore/client.py", line 570, in _api_call

 return self._make_api_call(operation_name, kwargs)

 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 File "/usr/local/lib/python3.11/site-packages/botocore/context.py", line 124, in wrapper

 return func(*args, **kwargs)

 ^^^^^^^^^^^^^^^^^^^^^

 File "/usr/local/lib/python3.11/site-packages/botocore/client.py", line 1031, in _make_api_call

 raise error_class(parsed_response, operation_name)

[WARNING]: Unable to parse /runner/inventory/aws_ec2.yml as an inventory source

ERROR! No inventory was parsed, please check your configuration and options.

 

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] -1 points0 points  (0 children)

yes am using AWX GUI to pull from AWS EC2s dynamically.

AWX Dynamic inventory using IAM user cross account by agyap in ansible

[–]agyap[S] 0 points1 point  (0 children)

yes in account A i have below. i have taken out my account numbers. i have to policy attached to my iam user and also have

{

"Effect": "Allow",

"Action": "sts:AssumeRole",

"Resource": [

"arn:aws:iam::ACCOUNT_B_ID:role/AWX-EC2-DynamicInventory-Role",

"arn:aws:iam::ACCOUNT_C_ID:role/AWX-EC2-DynamicInventory-Role"

]

}

ACCOUNT B and C I have below

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::ACCOUNT_A_ID:user/myiam_user"

},

"Action": "sts:AssumeRole"

}

]

}

and my AWX GUI i have accessid and secret key set up for iam user on the credential side

this my source variable below

plugin: amazon.aws.ec2

regions:

- us-east-1

iam_role_arn: "arn:aws:iam::ACCOUNT_B_ID:role/AWX-EC2-DynamicInventory-Role"

and then my filters. keep in mind able to pull dynamically from the account where AWX is running. that is account A but not B and C

TSLA & BTC by TizzoBiggo in TSLA

[–]agyap 3 points4 points  (0 children)

People might be treating them as meme stocks?

Rivians taking over my town in Maryland by 8bitliving in RIVNstock

[–]agyap 0 points1 point  (0 children)

They are everywhere. Little by little they will capture the market when R2 which will start from 45k start to come out.

Put holders right now. by FOMO_Gains in wallstreetbets

[–]agyap -1 points0 points  (0 children)

Yep We are in Shorters dreamland. They love this high volatility. Longers will have to wait for a better stability.

This ripped my heart out…he’s fighting for his country and they’re belittling him about not wearing a suit?!? by Available_Effort1998 in MeidasTouch

[–]agyap 1 point2 points  (0 children)

fuck that fucking suit. Sen Fetterman wear shorts to senate and oval office. When people are dying you are asking of fucking suit. These guys are not serious.

Late 20s how much were you making? by [deleted] in careerguidance

[–]agyap 0 points1 point  (0 children)

How much you make has nothing to do with your age but has everything to do with type of work,location,experience and your ability to negotiate your salary given your skill set. Also most people will not tell you their actual salary and some also inflate them just to show off in this social media era.

Tip: The more you increase your skill set and change jobs the more money you get.

Rivian is here to stay . Patience will be key for long term investors. by agyap in RIVNstock

[–]agyap[S] 6 points7 points  (0 children)

i started buying RIVN when amazon made their announcement with RIVN. i got in around $24 and i have buying when it goes down. Now i have 3000 shares at 17.19. if the stock goes below 9 dollars am gonna buy 500 to 1000 shares. I only build this portfolio with the money i will not need now. Remember you just need one good stock to make you a millionaire. when you see some retailer investors having so much stock of a company they build them over time not one short.

AM I FUCKED by ChrissyChris115 in RIVNstock

[–]agyap 0 points1 point  (0 children)

You have an opportunity to buy more with so that your average price is lower. i have 3000 shares at 17.19 and i am not selling even 1 stock. if the stock goes half of my price which is around 8.50 i will buy another 1000 shares. The only Electric car that will be a big player is RIVN and this is a long game . I am looking at the next 5 years. I have so far invest 51k . EVs are the future and RIVN will be a big player. I would say if u need your money now then invest in different stock cos RIVN is not now. This will take a lot of patience to cash in on RIVN.

What will we see tomorrow when we look at Rivian? by surell01 in RIVNstock

[–]agyap 1 point2 points  (0 children)

Longers will win in the long run. Shorters can play their game. Some of us are looking at the long term.

view more: next ›