Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Ansible and s3 module

Tags:

amazon-web-services

amazon-s3

ansible

I'm trying to use Ansible to download some files to my various EC2 instances. The problem I'm having is when it comes to my AWS credentials. The AWS Ansible modules all work great, including the S3 module. The following (when I substitute in my AWS credentials) works like a charm.

  - name: upload data import file
    s3: aws_access_key=<accesskey> aws_secret_key=<secretkey> bucket=my-bucket object=/data.zip mode=get

However, I need Ansible playbooks and roles I'm writing to be utilized by anyone, and I don't want to have any AWS credentials hardcoded. Everywhere else I use the Ansible AWS modules, I've eliminated aws_access_key and aws_secret_key and it works just fine as Ansible looks for those values in environment variables. However, with every other use, I'm running them as local actions. So, it's pulling the credentials from my local machine, which is what I want. The problem is when I'm running the S3 module on one of my instances, if I eliminate the credential parameters, I get:

failed: [54.173.19.238] => {"failed": true}
msg: No handler was ready to authenticate. 1 handlers were checked. ['HmacAuthV1Handler'] Check your credentials

I imagine that this is because since I've not specified the credentials, it's looking for them in environment variables on my instance, where they are not set. Nor would I want to set them in environment variables on the instance.

Is there a way I can download a file from S3 with ansible and not have to specify my AWS credentials?

like image 382
Lee Fox Avatar asked Mar 16 '23 19:03

Lee Fox

1 Answers

S3 module in ansible doesn't support the profile option, but you can use like this, if you have exported the aws_key and aws_secret as variables:

export aws_key="AAAAAAAAAAAAAAAAAAAAAAAAAA"
export aws_secret="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Then you can use them like this:

s3:
  aws_access_key: "{{ lookup('env','aws_key') }}"
  aws_secret_key: "{{ lookup('env','aws_secret') }}"
  bucket: "my-bucket"
  object: "/data.zip"
  mode: get

Hope this will help you or anyone, who is looking for, to use the local environment variables inside the ansible playbook. Thanks

like image 192
Arbab Nazar Avatar answered Mar 24 '23 17:03

Arbab Nazar
Sign in to Comment

Related questions

Carrierwave, Fog, Amazon S3, Rails 4
stuck with status check of amazon ec2 instance
How to get CommonPrefixes from an Amazon S3 ListObjects Iterator
Why should I use AWS RDS?
Allow AWS IAM user to launch only one ec2 instance
Scalable way to share cached files across frontend servers
Retrieve file and thumbnail url from AWS Elastic Transcoder job
Elastic Beanstalk - Cron job is running but not executing
Can an aws IAM policy dynamically refer to the logged in username?
Error when attempting upload to S3 with gaufrette
AWS Elastic Beanstalk (eb) installation in Ubuntu 14.04: command not found
How to use ruby to write individual records to a Redshift database?
Proguard Aws s3 issue
How can i change AWS S3 content type only for audio files
Access AWS RDS from Private Subnet
How to redirect to https on tomcat behind ELB
Running a COPY command to load gzip-ed data to Redshift in S3
AWS: can i use all the 18 free tier eligible products at the same time
No path when executing commands in elastic beanstalk's container_commands
DynamoDb with ConditionExpression

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!