I have a service principal for authentication. Based on this bullet:
- To authenticate via service principal, pass subscription_id, client_id, secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT. My takeaway is that I need to supply the subscription_id, client_id, tenant, and secret to tell Ansible that I want to authenticate using service principal. Since the module accepts subscription_id, client_id, tenant, and secret, I'm passing the values to the module, figuring the module will attempt to perform authentication using my service principal. I'm not getting an authentication failed type of message, so it seems that the module isn't using the values I'm supplying. To test this out, I tried to set auth_source to "credential_file", as I've got the parameters required for service principal authentication stored in the default location (~/.azure/credentials); however, it fails the same way, so my guess is the module needs something so that when the constructor gets called ... it can create the object; however, I don't see what I'm missing. Thanks, Shawn On Wednesday, March 15, 2023 at 11:04:23 AM UTC-4 Rowe, Walter P. (Fed) wrote: > TypeError: ResourceManagementClient.__init__() missing 1 required > positional argument: 'credential'. > > What kind of authentication have you configured? > > > https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module > > Walter > -- > Walter Rowe, Division Chief > Infrastructure Services, OISM > Mobile: 202.355.4123 <(202)%20355-4123> > > On Mar 15, 2023, at 10:53 AM, Shawn Singh <[email protected]> wrote: > > Hello, > > I have a playbook where I am calling my az commands via the command module. > It works as expected. > I'm trying to convert it to PoSH (different thread) and as I'm seeing some > issues there, falling back to using specific Azure Modules. > > When I execute the following playbook, it fails. > > My intent is just to check for the existence of a resource group, > authenticating using service principal. > > I've got more int he original playbook; however, trying to start small, so > I've only coded a couple tasks. > > # get the subscription_id, client_id, tenant, secret > > - name: read secret > > include_vars: > > file: ../files/spsecret > > no_log: true > > # check if resource group exists, pass in the args retrieved in previous > step for authentication > > - name: check if the rg already exists > > azure.azcollection.azure_rm_resourcegroup_info: > > name: "np-{{ custom_name }}-rg-east" > > subscription_id: "{{ sub_id }}" > > client_id: "{{ sp }}" > > secret: "{{ secret }}" > > tenant: "{{ tenant }}" > > register: rg_exists > > The full traceback is: > > Traceback (most recent call last): > > File > "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", > > line 107, in <module> > > _ansiballz_main() > > File > "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", > > line 99, in _ansiballz_main > > invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS) > > File > "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", > > line 47, in invoke_module > > > runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', > > init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', > > _modlib_path=modlib_path), > > File > "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", > > line 224, in run_module > > return _run_module_code(code, init_globals, run_name, mod_spec) > > File > "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", > > line 96, in _run_module_code > > _run_code(code, mod_globals, init_globals, > > File > "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", > > line 86, in _run_code > > exec(code, run_globals) > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", > > line 235, in <module> > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", > > line 231, in main > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", > > line 160, in __init__ > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", > > line 472, in __init__ > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", > > line 174, in exec_module > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", > > line 194, in get_item > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", > > line 1070, in rm_client > > File > "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", > > line 920, in get_mgmt_svc_client > > TypeError: ResourceManagementClient.__init__() missing 1 required > positional argument: 'credential'. > > Not getting what is causing the error as I'm passing the parameters > required for service principal auth. > > In addition, I tried having a az login task, removing the service > principal stuff from the 'check if the rg already exists' task. The az > login worked... but the task failed with the same error. > > This is my version of ansible and ansible-core: > > ansible 7.3.0 > > ansible-core 2.14.3 > > Here's more details about my environment: > > ansible [core 2.14.3] > > config file = None > > configured module search path = > ['/Users/j8683/.ansible/plugins/modules', > '/usr/share/ansible/plugins/modules'] > > ansible python module location = > /Users/j8683/Library/Python/3.9/lib/python/site-packages/ansible > > ansible collection location = > /Users/j8683/.ansible/collections:/usr/share/ansible/collections > > executable location = /Users/j8683/Library/Python/3.9/bin/ansible > > python version = 3.9.6 (default, Sep 26 2022, 11:37:49) [Clang 14.0.0 > (clang-1400.0.29.202)] (/Library/Developer/CommandLineTools/usr/bin/python3) > > jinja version = 3.1.2 > > libyaml = True > > Thanks, > > Shawn > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/5adb2e0b-b12e-4775-bfae-7d00c8c3144an%40googlegroups.com > > <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2F5adb2e0b-b12e-4775-bfae-7d00c8c3144an%2540googlegroups.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7C36bb9dd723e04dd4c03c08db25650f4a%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638144888219818186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=CAYT6jER%2BRsHOmKrpvWBycTvH16djAVU1wAEJiO5REc%3D&reserved=0> > . > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/848506f1-26c8-4705-8fb7-ad5e3a1d8be4n%40googlegroups.com.
