Amazon web services 如何使用Ansible的iam_模块获取访问密钥？_Amazon Web Services_Ansible_Amazon Iam

Amazon web services 如何使用Ansible的iam_模块获取访问密钥？

amazon-web-services ansible

Amazon web services 如何使用Ansible的iam_模块获取访问密钥？,amazon-web-services,ansible,amazon-iam,Amazon Web Services,Ansible,Amazon Iam,我正在使用Ansible创建AWS用户。Ansible的功能之一是创建具有访问密钥的用户。我想知道在成功创建用户后如何获得访问密钥我尝试了2.0.1.0。应在2.0.0.2中工作 tasks: - iam: iam_type: user name: foo state: present access_key_state: create register: credentials - debug: var=credential

我正在使用Ansible创建AWS用户。Ansible的功能之一是创建具有访问密钥的用户。我想知道在成功创建用户后如何获得访问密钥

我尝试了

2.0.1.0

。应在

2.0.0.2

中工作

  tasks:
  - iam:
      iam_type: user
      name: foo
      state: present
      access_key_state: create
    register: credentials
  - debug: var=credentials

输出

[debug] *******************************************************************
ok: [127.0.0.1] => {
    "credentials": {
        "changed": false,
        "groups": null,
        "keys": {
            "AKIAXXXXXXXXXXTTGFXX": "Active"
        },
        "user_name": "foo"
    }
}

从Ansible 2.0.1.0开始，无法获取该秘密。这是一只虫子。同时（我正在使用Ansible 2.3.2.0），该问题已成功修复，请参见：

- name: Create restricted bot user to access S3
  iam:
    iam_type: user
    name: blubaa  
    state: present
    access_key_state: create
  connection: local
  register: credentials

- debug: var=credentials

输出：

ok: [XXXXXXXXXX] => {
    "credentials": {
        "changed": true, 
        "groups": null, 
        "keys": [
            {
                "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                "create_date": "2017-08-26T01:04:05Z", 
                "status": "Active", 
                "user_name": "blubaa"
            }
        ], 
        "user_meta": {
            "access_keys": [
                {
                    "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                    "access_key_selector": "XXXX", 
                    "create_date": "2017-08-26T01:04:05.720Z", 
                    "secret_access_key": "wPwd2H0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkHB08Elo", 
                    "status": "Active", 
                    "user_name": "blubaa"
                }
            ], 
            "created_user": {
                "arn": "arn:aws:iam::30XXXXXXXXXX:user/blubaa", 
                "create_date": "2017-08-26T01:04:05.557Z", 
                "path": "/", 
                "user_id": "AIDAXXXXXXXXXXOYT7M", 
                "user_name": "blubaa"
            }, 
            "password": null
        }
    }
}

您的ansible版本是什么？2.0.0.2是当前版本。它可能在2,0,0,2中工作。注册结果并重试。看看我的答案。你认为你也能得到钥匙的秘密部分吗？它只在创建时可用。现在无法获取秘密。查看我的更新。您显示的是访问密钥，但不是密钥。

ok: [XXXXXXXXXX] => {
    "credentials": {
        "changed": true, 
        "groups": null, 
        "keys": [
            {
                "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                "create_date": "2017-08-26T01:04:05Z", 
                "status": "Active", 
                "user_name": "blubaa"
            }
        ], 
        "user_meta": {
            "access_keys": [
                {
                    "access_key_id": "AKIAJXXXXXXXXXXZX6GQ", 
                    "access_key_selector": "XXXX", 
                    "create_date": "2017-08-26T01:04:05.720Z", 
                    "secret_access_key": "wPwd2H0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkHB08Elo", 
                    "status": "Active", 
                    "user_name": "blubaa"
                }
            ], 
            "created_user": {
                "arn": "arn:aws:iam::30XXXXXXXXXX:user/blubaa", 
                "create_date": "2017-08-26T01:04:05.557Z", 
                "path": "/", 
                "user_id": "AIDAXXXXXXXXXXOYT7M", 
                "user_name": "blubaa"
            }, 
            "password": null
        }
    }
}