I opened an issue with the github project. Short answer, I needed to force upgrade azure/azcollection from 1.14 to 1.15.
For more detail: https://github.com/ansible-collections/azure/issues/1111 Thanks, Shawn On Wednesday, March 15, 2023 at 1:19:54 PM UTC-4 Shawn Singh wrote: > I'm reading that as a way to do it (note the 'or'...), not the only way to > do it... > > * or *set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, > AZURE_SECRET and AZURE_TENANT. > > While I can try it out for test purposes, I'm trying to avoid setting the > values in environment variables. > > I appreciate your feedback. > > Shawn > > On Wednesday, March 15, 2023 at 12:23:58 PM UTC-4 Rowe, Walter P. (Fed) > wrote: > >> Given how they are presented in all caps and it says "environment >> variables" then you need to make them ENVIRONMENT variables (ie Linux env >> vars) – not parameters to the task module. >> >> >> Walter >> -- >> Walter Rowe, Division Chief >> Infrastructure Services, OISM >> Mobile: 202.355.4123 <(202)%20355-4123> >> >> On Mar 15, 2023, at 12:11 PM, Shawn Singh <[email protected]> wrote: >> >> I have a service principal for authentication. >> >> Based on this bullet: >> >> - To authenticate via service principal, pass subscription_id, >> client_id, secret and tenant or set environment variables >> AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT. >> >> >> My takeaway is that I need to supply the subscription_id, client_id, >> tenant, and secret to tell Ansible that I want to authenticate using >> service principal. >> >> Since the module accepts subscription_id, client_id, tenant, and secret, >> I'm passing the values to the module, figuring the module will attempt to >> perform authentication using my service principal. >> >> I'm not getting an authentication failed type of message, so it seems >> that the module isn't using the values I'm supplying. >> To test this out, I tried to set auth_source to "credential_file", as >> I've got the parameters required for service principal authentication >> stored in the default location (~/.azure/credentials); however, it fails >> the same way, so my guess is the module needs something so that when the >> constructor gets called ... it can create the object; however, I don't see >> what I'm missing. >> >> Thanks, >> >> Shawn >> On Wednesday, March 15, 2023 at 11:04:23 AM UTC-4 Rowe, Walter P. (Fed) >> wrote: >> >>> TypeError: ResourceManagementClient.__init__() missing 1 required >>> positional argument: 'credential'. >>> >>> What kind of authentication have you configured? >>> >>> >>> https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module >>> >>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.ansible.com%2Fansible%2Flatest%2Fcollections%2Fazure%2Fazcollection%2Fazure_rm_resourcegroup_info_module.html%23ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module&data=05%7C01%7Cwalter.rowe%40nist.gov%7C1c26f1c913e84790886a08db256ff4c3%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638144935000756704%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2Bc4%2B6g4dXnuF9pmJXgOiQ8QUqUwfuY7JW9mK7mQht10%3D&reserved=0> >>> >>> Walter >>> -- >>> Walter Rowe, Division Chief >>> Infrastructure Services, OISM >>> Mobile: 202.355.4123 <(202)%20355-4123> >>> >>> On Mar 15, 2023, at 10:53 AM, Shawn Singh <[email protected]> wrote: >>> >>> Hello, >>> >>> I have a playbook where I am calling my az commands via the command >>> module. >>> It works as expected. >>> I'm trying to convert it to PoSH (different thread) and as I'm seeing >>> some issues there, falling back to using specific Azure Modules. >>> >>> When I execute the following playbook, it fails. >>> >>> My intent is just to check for the existence of a resource group, >>> authenticating using service principal. >>> >>> I've got more int he original playbook; however, trying to start small, >>> so I've only coded a couple tasks. >>> >>> # get the subscription_id, client_id, tenant, secret >>> >>> - name: read secret >>> >>> include_vars: >>> >>> file: ../files/spsecret >>> >>> no_log: true >>> >>> # check if resource group exists, pass in the args retrieved in previous >>> step for authentication >>> >>> - name: check if the rg already exists >>> >>> azure.azcollection.azure_rm_resourcegroup_info: >>> >>> name: "np-{{ custom_name }}-rg-east" >>> >>> subscription_id: "{{ sub_id }}" >>> >>> client_id: "{{ sp }}" >>> >>> secret: "{{ secret }}" >>> >>> tenant: "{{ tenant }}" >>> >>> register: rg_exists >>> >>> The full traceback is: >>> >>> Traceback (most recent call last): >>> >>> File >>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", >>> >>> line 107, in <module> >>> >>> _ansiballz_main() >>> >>> File >>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", >>> >>> line 99, in _ansiballz_main >>> >>> invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS) >>> >>> File >>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py", >>> >>> line 47, in invoke_module >>> >>> >>> runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', >>> >>> init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info', >>> >>> _modlib_path=modlib_path), >>> >>> File >>> "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", >>> >>> line 224, in run_module >>> >>> return _run_module_code(code, init_globals, run_name, mod_spec) >>> >>> File >>> "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", >>> >>> line 96, in _run_module_code >>> >>> _run_code(code, mod_globals, init_globals, >>> >>> File >>> "/opt/homebrew/Cellar/[email protected]/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py", >>> >>> line 86, in _run_code >>> >>> exec(code, run_globals) >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", >>> >>> line 235, in <module> >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", >>> >>> line 231, in main >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", >>> >>> line 160, in __init__ >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", >>> >>> line 472, in __init__ >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", >>> >>> line 174, in exec_module >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py", >>> >>> line 194, in get_item >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", >>> >>> line 1070, in rm_client >>> >>> File >>> "/var/folders/51/76dtk91x4wq1lgdndd_ll6040000gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", >>> >>> line 920, in get_mgmt_svc_client >>> >>> TypeError: ResourceManagementClient.__init__() missing 1 required >>> positional argument: 'credential'. >>> >>> Not getting what is causing the error as I'm passing the parameters >>> required for service principal auth. >>> >>> In addition, I tried having a az login task, removing the service >>> principal stuff from the 'check if the rg already exists' task. The az >>> login worked... but the task failed with the same error. >>> >>> This is my version of ansible and ansible-core: >>> >>> ansible 7.3.0 >>> >>> ansible-core 2.14.3 >>> >>> Here's more details about my environment: >>> >>> ansible [core 2.14.3] >>> >>> config file = None >>> >>> configured module search path = >>> ['/Users/j8683/.ansible/plugins/modules', >>> '/usr/share/ansible/plugins/modules'] >>> >>> ansible python module location = >>> /Users/j8683/Library/Python/3.9/lib/python/site-packages/ansible >>> >>> ansible collection location = >>> /Users/j8683/.ansible/collections:/usr/share/ansible/collections >>> >>> executable location = /Users/j8683/Library/Python/3.9/bin/ansible >>> >>> python version = 3.9.6 (default, Sep 26 2022, 11:37:49) [Clang 14.0.0 >>> (clang-1400.0.29.202)] (/Library/Developer/CommandLineTools/usr/bin/python3) >>> >>> jinja version = 3.1.2 >>> >>> libyaml = True >>> >>> Thanks, >>> >>> Shawn >>> >>> >>> >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/5adb2e0b-b12e-4775-bfae-7d00c8c3144an%40googlegroups.com >>> >>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2F5adb2e0b-b12e-4775-bfae-7d00c8c3144an%2540googlegroups.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7C1c26f1c913e84790886a08db256ff4c3%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638144935000756704%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=v4D1Fk%2B%2FSkq%2FdVIzumC%2BnZn3xdnPmg1Yt3DeJtmVk%2F4%3D&reserved=0> >>> . >>> >>> >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/848506f1-26c8-4705-8fb7-ad5e3a1d8be4n%40googlegroups.com >> >> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2F848506f1-26c8-4705-8fb7-ad5e3a1d8be4n%2540googlegroups.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7C1c26f1c913e84790886a08db256ff4c3%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638144935000756704%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=I%2BJQ9f21wOVdCjvGFEAfHWleoi7F8KpdZRaibWDmacs%3D&reserved=0> >> . >> >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8ba69b7a-ab3f-4f57-8ad7-15d30f3cbcf9n%40googlegroups.com.
