Created
August 23, 2017 15:37
-
-
Save johnrizzo1/9bba1c7bee1c9fd52423353de1e8d928 to your computer and use it in GitHub Desktop.
aws salt-stack issue
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /srv/pillar/aws/init.sls which is called from /srv/pillar/aws/top.sls | |
| aws: | |
| accounts: | |
| common: | |
| iam_groups: | |
| - aws-common_admin: | |
| - permissions: | |
| - managed_policies: | |
| - AdministratorAccess | |
| - NetworkAdministrator | |
| - svc-aws_common-users-admins: | |
| - permissions: | |
| managed_policies: | |
| - AdministratorAccess | |
| - svc-aws_common-users-dba: | |
| - permissions: | |
| managed_policies: | |
| - AdministratorAccess | |
| - svc-aws_common-users-network: | |
| - permissions: | |
| managed_policies: | |
| - AdministratorAccess | |
| - svc-aws_common-users-operators: | |
| - permissions: | |
| managed_policies: | |
| - AdministratorAccess | |
| /srv/salt/aws/init.sls which is called from /srv/salt/top.sls | |
| {% for account in salt["pillar.get"]('aws:accounts') %} | |
| echo "Account is {{ account }}": | |
| cmd.run | |
| echo 'salt["pillar.get"]("aws:accounts:{{- account }}:iam_groups")': | |
| cmd.run | |
| {% set groups = salt["pillar.get"]('aws:accounts:{{- account }}:iam_groups') %} | |
| {% for group in groups %} | |
| {% set group_name = group.keys()[0] %} | |
| create-group "{{ group_name }}": | |
| boto_iam.group_present: | |
| - name: {{ group_name }}-test | |
| - policies: | |
| mypolicy: | | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [{ | |
| "Effect": "Allow", | |
| "Action": "*", | |
| "Resource": "*"}] | |
| } | |
| - region: {{ region }} | |
| - keyid: {{ keyid }} | |
| - key: {{ key }} | |
| {% else %} # iam_groups | |
| echo "Unable to iterate the iam_groups": | |
| cmd.run | |
| {% endfor %} # iam_groups | |
| {% else %} # accounts | |
| echo "Unable to iterate the accounts": | |
| cmd.run | |
| {% endfor %} # accounts | |
| // output | |
| root@salt:/# salt '*' state.highstate | |
| [DEBUG ] Configuration file path: /etc/salt/master | |
| [WARNING ] Insecure logging configuration detected! Sensitive data may be logged. | |
| [DEBUG ] Reading configuration from /etc/salt/master | |
| [DEBUG ] Including configuration from '/etc/salt/master.d/fileserver.conf' | |
| [DEBUG ] Reading configuration from /etc/salt/master.d/fileserver.conf | |
| [DEBUG ] Including configuration from '/etc/salt/master.d/logging.conf' | |
| [DEBUG ] Reading configuration from /etc/salt/master.d/logging.conf | |
| [DEBUG ] Including configuration from '/etc/salt/master.d/pillar.conf' | |
| [DEBUG ] Reading configuration from /etc/salt/master.d/pillar.conf | |
| [DEBUG ] Using cached minion ID from /etc/salt/minion_id: ddfe7b43c59b | |
| [DEBUG ] Missing configuration file: /root/.saltrc | |
| [DEBUG ] MasterEvent PUB socket URI: /var/run/salt/master/master_event_pub.ipc | |
| [DEBUG ] MasterEvent PULL socket URI: /var/run/salt/master/master_event_pull.ipc | |
| [DEBUG ] Initializing new AsyncZeroMQReqChannel for ('/etc/salt/pki/master', 'ddfe7b43c59b_master', 'tcp://127.0.0.1:4506', 'clear') | |
| [DEBUG ] Initializing new IPCClient for path: /var/run/salt/master/master_event_pub.ipc | |
| [DEBUG ] LazyLoaded local_cache.get_load | |
| [DEBUG ] Reading minion list from /var/cache/salt/master/jobs/8d/bbe1dc5264edbd03cf2c2686821d8421e478dff129ed4ad9880c3da33306df/.minions.p | |
| [DEBUG ] get_iter_returns for jid 20170823153128396988 sent to set(['ddfe7b43c59b']) will timeout at 15:31:33.456287 | |
| [DEBUG ] jid 20170823153128396988 return from ddfe7b43c59b | |
| [DEBUG ] return event: {'ddfe7b43c59b': {'jid': '20170823153128396988', 'retcode': 0, 'ret': {'cmd_|-echo "Account is common"_|-echo "Account is common"_|-run': {'comment': 'Command "echo "Account is common"" run', 'name': 'echo "Account is common"', 'start_time': '15:31:30.077764', 'result': True, 'duration': 100.702, '__run_num__': 0, '__sls__': 'aws', 'changes': {'pid': 74801, 'retcode': 0, 'stderr': '', 'stdout': 'Account is common'}, '__id__': 'echo "Account is common"'}, 'cmd_|-echo "Unable to iterate the iam_groups"_|-echo "Unable to iterate the iam_groups"_|-run': {'comment': 'Command "echo "Unable to iterate the iam_groups"" run', 'name': 'echo "Unable to iterate the iam_groups"', 'start_time': '15:31:30.306991', 'result': True, 'duration': 104.939, '__run_num__': 2, '__sls__': 'aws', 'changes': {'pid': 74806, 'retcode': 0, 'stderr': '', 'stdout': 'Unable to iterate the iam_groups'}, '__id__': 'echo "Unable to iterate the iam_groups"'}, 'cmd_|-echo \'salt["pillar.get"]("aws:accounts:common:iam_groups")\'_|-echo \'salt["pillar.get"]("aws:accounts:common:iam_groups")\'_|-run': {'comment': 'Command "echo \'salt["pillar.get"]("aws:accounts:common:iam_groups")\'" run', 'name': 'echo \'salt["pillar.get"]("aws:accounts:common:iam_groups")\'', 'start_time': '15:31:30.178694', 'result': True, 'duration': 126.912, '__run_num__': 1, '__sls__': 'aws', 'changes': {'pid': 74803, 'retcode': 0, 'stderr': '', 'stdout': 'salt["pillar.get"]("aws:accounts:common:iam_groups")'}, '__id__': 'echo \'salt["pillar.get"]("aws:accounts:common:iam_groups")\''}}, 'out': 'highstate'}} | |
| [DEBUG ] LazyLoaded highstate.output | |
| [DEBUG ] LazyLoaded nested.output | |
| [DEBUG ] LazyLoaded nested.output | |
| [DEBUG ] LazyLoaded nested.output | |
| ddfe7b43c59b: | |
| ---------- | |
| ID: echo "Account is common" | |
| Function: cmd.run | |
| Result: True | |
| Comment: Command "echo "Account is common"" run | |
| Started: 15:31:30.077764 | |
| Duration: 100.702 ms | |
| Changes: | |
| ---------- | |
| pid: | |
| 74801 | |
| retcode: | |
| 0 | |
| stderr: | |
| stdout: | |
| Account is common | |
| ---------- | |
| ID: echo 'salt["pillar.get"]("aws:accounts:common:iam_groups")' | |
| Function: cmd.run | |
| Result: True | |
| Comment: Command "echo 'salt["pillar.get"]("aws:accounts:common:iam_groups")'" run | |
| Started: 15:31:30.178694 | |
| Duration: 126.912 ms | |
| Changes: | |
| ---------- | |
| pid: | |
| 74803 | |
| retcode: | |
| 0 | |
| stderr: | |
| stdout: | |
| salt["pillar.get"]("aws:accounts:common:iam_groups") | |
| ---------- | |
| ID: echo "Unable to iterate the iam_groups" | |
| Function: cmd.run | |
| Result: True | |
| Comment: Command "echo "Unable to iterate the iam_groups"" run | |
| Started: 15:31:30.306991 | |
| Duration: 104.939 ms | |
| Changes: | |
| ---------- | |
| pid: | |
| 74806 | |
| retcode: | |
| 0 | |
| stderr: | |
| stdout: | |
| Unable to iterate the iam_groups | |
| Summary for ddfe7b43c59b | |
| ------------ | |
| Succeeded: 3 (changed=3) | |
| Failed: 0 | |
| ------------ | |
| Total states run: 3 | |
| Total run time: 332.553 ms | |
| [DEBUG ] jid 20170823153128396988 found all minions set(['ddfe7b43c59b']) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment