I thought this would be the easiest part of creating a dynamic inventory, but I’m having a hell of a time connecting:

boto.exception.NoAuthHandlerFound: No handler was ready to authenticate. 1 handlers were checked. [‘HmacAuthV4Handler’] Check your credentials

In my /ansible/development/ directory, I have ec2.py and ec2.ini files:

/ansible/development/ec2.ini

– snip –
boto_profile = Client

~/.aws/credentials

[DifferentClient]

aws_access_key_id = <DIFFERENT_CLIENT_ACCESS_KEY>
aws_secret_access_key = <DIFFERENT_CLIENT_SECRET_KEY>
region = us-east-1
output = json

[Client]
aws_access_key_id = <PROJECT_ACCESS_KEY>
aws_secret_access_key = <PROJECT_ACCESS_KEY>

The keys are for my IAM user with admin privileges and work just fine when specified directly in the ec2 module.

Any idea what I’ve got misconfigured here? I’m running Ansible 1.9.4.

Thanks.

Also, for whatever it’s worth, I’ve tried putting the keys in ~/.boto, but the result is the same.

One more note on this that I just realized is that the profile only seems to fail for the ec2 module.

This works:

• name: Key Pair | Ensure that the appropriate keypair exists
  ec2_key:
  profile: Socrates
  name: “soc-{{ env_short }}”
  region: “{{ aws_region }}”
  state: present
  register: keypair

This doesn’t

• name: Instances | Create new instances
  ec2:
  profile: Socrates
  region: “{{ aws_region }}”
  instance_type: “{{ ec2.instance_type }}”
  image: “{{ ec2.ami_id }}”
  key_name: “soc-{{ env_short }}”
  group: “{{ env_short }}-{{ server_type }}”
  exact_count: “{{ ec2.instance_count }}”
  count_tag:
  Env: “{{ env }}”
  ManagedBy: Ansible
  ServerType: “{{ server_type }}”
  wait: yes
  assign_public_ip: no # TODO: change to ‘yes’ to assign public ip
  instance_tags:
  Env: “{{ env }}”
  ManagedBy: “Ansible”
  ServerType: “{{ server_type }}”
  Projects: “{{ install_projects | join(‘,’) }}”

termination_protection: yes

volumes:

• device_name: /dev/sda1
  snapshot: snap-2337bd2a

volume_type: gp2

device_type: gp2
volume_size: 100
delete_on_termination: false
register: ec2

The profile also works for ensuring a security group is present. Any chance it’s a bug specific to the ec2 module? Maybe my options for the module (although these options do work if I remove the profile and include the aws_access_key and aws_secret_key directly)?

Well, crap. Looks like this could be related to #981 (https://github.com/ansible/ansible-modules-core/issues/981) or #1701 (https://github.com/ansible/ansible-modules-core/issues/1701). Or both.

Ansible 1.9.4

What version of boto are you using? I’ve noticed issues when using older versions and I’m wondering if the first bug was resolved by updating to a later version (2.38) version of boto.

Assuming you are running of OS X?

$ python -c “import boto; print boto.version”

Good job on the debugging so far.

I’m up to date running boto 2.38.0 on OS X. My OS is Yosemite, but I’d be a little shocked if that were the issue.