
Fairly new to Ansible and encountering the error below:

I have the static inventory file below:

[win]
server1 ansible_host=ip1
server2 ansible_host=ip2
server3 ansible_host=ip3
server4 ansible_host=ip4
server5 ansible_host=ip5
server6 ansible_host=ip6
server7 ansible_host=ip7


[win:vars]
ansible_user=some_user
ansible_password="somepass"
ansible_port=5986
ansible_connection=winrm
ansible_winrm_scheme=https
ansible_winrm_transport=credssp
ansible_winrm_server_cert_validation=ignore

Windows instances are set up for credssp connection with Windows service connection, and I am able to run playbooks using this connection with no problems.

Dynamic Inventory file:

plugin: amazon.aws.aws_ec2
regions:
  - "us-east-1"

keyed_groups:
  - key: tags.Name
  - key: tags.Environment
filters:
  instance-state-name : running
hostnames:
  - private-ip-address

compose:
  ansible_host: private_ip_address
  instance_id: instance_id
  ansible_user: "'some_user'"
  ansible_password: "'somepass'"
  ansible_port: 5986
  ansible_connection: winrm
  ansible_winrm_transport: credssp
  ansible_winrm_scheme: https

I can list all hosts using the ansible-inventory command. Not sure if I need to specify ansible_user and ansible_password somewhere else rather than inside the dynamic inventory file?

Now when I try to run playbooks against my dynamic inventory I get:

UNREACHABLE! => {"changed": false, "msg": "ssl: the specified credentials were rejected by the server", "unreachable": true}.

I can also ping my static inventory servers with SUCCESS but running with dynamic inventory will give the same error [creds were rejected].

Here is the sample playbook I am running:

--- 
- name: Gather EC2 Facts 
  hosts: all 
  connection: winrm 
  vars: 
    ansible_winrm_server_cert_validation: ignore 
  tasks: 
    - name: Display gathered facts 
      debug: 
        var: ansible_facts

ansible.cfg:

[defaults]
host_key_checking = False
inventory=aws_ec2.yml
interpreter_python=auto_silent
ansible_connection = winrm
ansible_winrm_server_cert_validation = ignore

[winrm_connection]
transport = credssp
server_cert_validation = ignore

I tried to add [winrm_connection] in ansible.cfg but still no luck.

TL;DR I have two types of Ansible inventory files: a static one and a dynamic one. The static inventory file works perfectly for running playbooks on Windows instances using the credssp connection. However, when trying to use the dynamic inventory file with Amazon AWS EC2 instances, I get an "UNREACHABLE!" error with a message indicating that the specified credentials were rejected by the server. This issue persists even after modifying the ansible.cfg file.

gklucard
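An added example, not part of the original post: the dynamic inventory from the question with its connection settings written as string literals. Values under `compose` are Jinja2 expressions, so a bare `winrm`, `credssp` or `https` is read as a variable name and, with the plugin's default `strict: false`, silently skipped when undefined; the `ssl:` prefix in the reported error is consistent with the transport never having been set to `credssp`. Turning on `strict: true` and dropping `keyed_groups` are assumptions made for this example.

```yaml
# aws_ec2.yml (added example; region, filter and placeholder credentials
# are copied from the question)
plugin: amazon.aws.aws_ec2
regions:
  - us-east-1
filters:
  instance-state-name: running
hostnames:
  - private-ip-address

# Assumption: fail loudly when an expression references an undefined
# variable instead of silently dropping that host variable (the default).
# strict also applies to keyed_groups, which are omitted here because a
# host without the referenced tag would then be reported as an error.
strict: true

compose:
  # Expressions: these name attributes returned for each instance.
  ansible_host: private_ip_address
  instance_id: instance_id

  # As written in the question, each right-hand side is a variable lookup,
  # so none of these three variables ends up on the host:
  #   ansible_connection: winrm
  #   ansible_winrm_transport: credssp
  #   ansible_winrm_scheme: https

  # Literals: the inner quotes make each value a Jinja2 string constant.
  ansible_connection: "'winrm'"
  ansible_winrm_transport: "'credssp'"
  ansible_winrm_scheme: "'https'"
  ansible_port: 5986            # a bare number is already a literal
  ansible_user: "'some_user'"
  # Placeholder from the question; a vault-encrypted group_vars file is
  # the usual home for the real value rather than the inventory source.
  ansible_password: "'somepass'"
```

Running `ansible-inventory -i aws_ec2.yml --host <private-ip>` prints the variables a host actually received, which shows whether `ansible_winrm_transport` made it through.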