[英]Ansible not reading credentials from ~/.aws/credentials
I am running ansible with dynamic inventory
. 我正在用
dynamic inventory
运行ansible。 When the aws cli
was setup with aws configure command than the ansible commands with dynamic invetory was running properly. 使用aws configure命令设置
aws cli
时,带有动态invetory的ansible命令正常运行。 But I want to have multiple profiles to be used by dynamic inventory so I have added profile in ~/.aws/credentials
但是我希望动态库存可以使用多个配置文件,因此我在
~/.aws/credentials
添加了配置文件
[personal]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXX
[default]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXX
ansible not picking up these credentials and on running ./ec2.py --list
it is giving the error: 无法获取这些凭据并在运行
./ec2.py --list
时出现错误:
Looks like AWS is down again:
EC2ResponseError: 401 Unauthorized
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>AuthFailure</Code><Message>Authorization header or parameters are not formatted correctly.</Message></Error></Errors><RequestID>349d5311-54db-4e79-9bbc-2d60b9f15da5</RequestID></Response>
您是否尝试过将--profile PROFILE开关添加到ec2.py,如下所示。
./ec2.py --list --profile personal
After @uptime365's answer, this is most likely not an Ansible/ec2.py problem. 在@ uptime365回答之后,这很可能不是Ansible / ec2.py问题。 Here's my troubleshooting steps:
这是我的故障排除步骤:
awscli
with those credentials? awscli
与这些凭据一起使用吗? aws ec2 describe-instances --page-size 5
aws ec2 describe-instances --page-size 5 --profile personal
awscli
with the credentials manually included? awscli
与手动包含的凭据一起使用吗? Note there's no need to use profile
since you are specifying the keys. 请注意,由于您要指定密钥,因此无需使用
profile
。
AWS_ACCESS_KEY_ID="AKIA.." AWS_SECRET_ACCESS_KEY=".." aws ec2 describe-instances --page-size 5
If it complains about the region, add AWS_DEFAULT_REGION="us-east-1"
or the region of your choice. 如果它抱怨该区域,请添加
AWS_DEFAULT_REGION="us-east-1"
或您选择的区域。
You have a problem with your access key or secret. 您的访问密钥或机密有问题。 How many characters are in each?
每个中有几个字符? The key should be 20 characters, all uppercase letters and numbers.
密钥应为20个字符,所有大写字母和数字。 The secret is 40 characters, upper/lower/numbers/punctuation.
机密为40个字符,上下/数字/标点符号。
I ran into this issue too, and eventually solved it; 我也遇到了这个问题,并最终解决了这个问题。 the problem was that the clock on my machine had drifted by a couple of minutes.
问题是我的机器上的时钟偏移了几分钟。 Setting the time correctly fixed the issue.
正确设置时间可以解决此问题。
Along the way I learned that aws cli uses boto3, whereas ec2.py uses boto. 一路上,我了解到aws cli使用boto3,而ec2.py使用boto。 It seems that boto3 works slightly differently for authentication, because like @drishti the CLI was working for me even when ec2.py was not.
似乎boto3的身份验证工作略有不同,因为就像@drishti一样,即使没有ec2.py,CLI也会为我工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.