Hi All,
This is a simple playbook I have to test the S3 module which is working fine but I’m having problems when I run the same in pull mode from cron:
~/.bashrc will not be sourced from cron task. .bashrc is sourced only
when bash is started as interactive shell (see man bash), but cron
tasks are started with sh -c (not bash nor interactive).
You can source your .bashrc manually or you can setup your
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY:
*/5 * * * * ...; AWS_ACCESS_KEY_ID=id AWS_SECRET_ACCESS_KEY=secret
ansible-pull ...
or:
*/5 * * * * ...; source /path/to/your/.bashrc; ansible-pull ...
Thanks for the reply Krzysztof.
The problem is I’m using this approach on new Amazon EC2 instances and the only thing I have baked in the AMI along with Ansible installation and the ansible-pull cron is the ssh git in order to access the git server.
Therefore the AWS credentials are been checkout from git after the cronjob starts so I can’t know or specify them before the cronjob. As a temporary solution I have the AWS credentials in every S3 task as an argument but still I don’t think this is the best way to do it…
There are a couple ways to provide credentials to the ec2 modules / boto ... https://gist.github.com/jctanner/7467100#credentials
1) IAM roles
2) boto config files
3) create vars via the password lookup http://www.ansibleworks.com/docs/playbooks_lookups.html#the-password-lookup