Yep only last value
On Thu, Feb 9, 2023 at 2:52 PM Todd Lewis <[email protected]> wrote:
> Here's an idea: Register the result, and show us the output from
> `ansible-playbook -vv`.
> Based on what you said before about it replacing rather than adding to,
> I'm going to guess you're only getting the last value. (?)
>
> On Thursday, February 9, 2023 at 5:02:45 PM UTC-5 Tony Wong wrote:
>
>> trying my loop but its only putting in one value . any idea?
>>
>> ---
>> - name: test
>> hosts: localhost
>> tasks:
>> - name: Create IAM Managed Policy
>> amazon.aws.iam_policy:
>> iam_type: role
>> iam_name: "aws_test_role"
>> policy_name: "PrismaCloud-IAM-ReadOnly-Policy"
>> policy_json:
>> Version: "2012-10-17"
>> Statement:
>> - Action: "{{ item }}"
>> Effect: "Allow"
>> Resource: "*"
>> state: present
>> loop:
>> - acm-pca:ListTags
>> - acm-pca:GetPolicy
>> - acm-pca:GetPolicy
>>
>> On Thu, Feb 9, 2023 at 1:29 PM Tony Wong <[email protected]> wrote:
>>
>>> ok I tried doing it this way and it worked but wiped out my existing
>>> policy. any idea how to append instead of replace?
>>>
>>> ---
>>> - name: test
>>> hosts: localhost
>>> tasks:
>>> - name: Create IAM Managed Policy
>>> amazon.aws.iam_policy:
>>> iam_type: role
>>> iam_name: "aws_test_role"
>>> policy_name: "PrismaCloud-IAM-ReadOnly-Policy"
>>> policy_json:
>>> Version: "2012-10-17"
>>> Statement:
>>> - Action: ["appstream:DescribeStacks"]
>>> Effect: "Allow"
>>> Resource: "*"
>>> state: present
>>>
>>> On Thu, Feb 9, 2023 at 11:49 AM Tony Wong <[email protected]> wrote:
>>>
>>>> yes it does
>>>>
>>>> On Thu, Feb 9, 2023 at 11:47 AM 'Rowe, Walter P. (Fed)' via Ansible
>>>> Project <[email protected]> wrote:
>>>>
>>> Does your AWS user ID used by the task have rights to modify IAM
>>>>> policies?
>>>>>
>>>>> Walter
>>>>> --
>>>>> Walter Rowe, Division Chief
>>>>> Infrastructure Services, OISM
>>>>> Mobile: 202.355.4123 <(202)%20355-4123>
>>>>>
>>>>
>>>>> On Feb 9, 2023, at 2:46 PM, Tony Wong <[email protected]> wrote:
>>>>>
>>>>> I am trying to add or modify an iam policy with below. it ran but did
>>>>> not modify anything
>>>>>
>>>>> any idea?
>>>>>
>>>>> ---
>>>>> - name: test
>>>>> hosts: localhost
>>>>> tasks:
>>>>> - name: Create IAM Managed Policy
>>>>> community.aws.iam_managed_policy:
>>>>> policy_name: "PrismaCloud-IAM-ReadOnly-Policy"
>>>>> policy:
>>>>> Version: "2012-10-17"
>>>>> Statement:
>>>>> - Effect: "Allow"
>>>>> "Action": "appstream:DescribeStacks"
>>>>> Resource: "*"
>>>>> make_default: false
>>>>> state: present
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Ansible Project" group.
>>>>>
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/ansible-project/06b09dc9-215a-44a9-b9f0-ec4f7732f775n%40googlegroups.com
>>>>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2F06b09dc9-215a-44a9-b9f0-ec4f7732f775n%2540googlegroups.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7Cdfa74f54be62470a632008db0ad64e5f%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638115687786510359%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=fJhceH%2FdgC1pUwuDbWHQLUQUtd9NSvdwjOzmPwVhYMA%3D&reserved=0>
>>>>> .
>>>>>
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to a topic in the
>>>>> Google Groups "Ansible Project" group.
>>>>> To unsubscribe from this topic, visit
>>>>> https://groups.google.com/d/topic/ansible-project/WZzXL_z_teA/unsubscribe
>>>>> .
>>>>> To unsubscribe from this group and all its topics, send an email to
>>>>> [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/ansible-project/0A40E414-A094-499F-A48F-750F8F8072C5%40nist.gov
>>>>> <https://groups.google.com/d/msgid/ansible-project/0A40E414-A094-499F-A48F-750F8F8072C5%40nist.gov?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/WZzXL_z_teA/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4e7d8b42-efa8-4206-93bf-e6d40c33d9adn%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/4e7d8b42-efa8-4206-93bf-e6d40c33d9adn%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CALmkhkpizPuW1_Mch_7cyDmLTvVNL%3DFviaXQ%2BqEGVsO2Q1y-PA%40mail.gmail.com.
