From 3b5a96fcb760aa83cb67f904013c3016839117ad Mon Sep 17 00:00:00 2001 From: Ihor Borodin Date: Fri, 26 Jul 2019 20:27:49 +0300 Subject: [PATCH] Fixing race condition in ec2 inventory plugin (#59638) * Fixing race condition in ec2 inventory plugin Co-Authored-By: Sviatoslav Sydorenko * Fixing code block according to suggestion * Adding changelog fragment --- .../fragments/59638-aws-ec2-plugin-fix-race.yaml | 2 ++ lib/ansible/plugins/inventory/aws_ec2.py | 12 ++++++++---- 2 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/59638-aws-ec2-plugin-fix-race.yaml diff --git a/changelogs/fragments/59638-aws-ec2-plugin-fix-race.yaml b/changelogs/fragments/59638-aws-ec2-plugin-fix-race.yaml new file mode 100644 index 00000000000..ce88b354ca1 --- /dev/null +++ b/changelogs/fragments/59638-aws-ec2-plugin-fix-race.yaml @@ -0,0 +1,2 @@ +bugfixes: + - aws_ec2 inventory plugin - fixed race condition when trying to fetch IAM instance profile (role) credentials (https://github.com/ansible/ansible/pull/59638) diff --git a/lib/ansible/plugins/inventory/aws_ec2.py b/lib/ansible/plugins/inventory/aws_ec2.py index df139ecfcfe..a565220f266 100644 --- a/lib/ansible/plugins/inventory/aws_ec2.py +++ b/lib/ansible/plugins/inventory/aws_ec2.py @@ -579,10 +579,14 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable): if not self.boto_profile and not (self.aws_access_key_id and self.aws_secret_access_key): session = botocore.session.get_session() - if session.get_credentials() is not None: - self.aws_access_key_id = session.get_credentials().access_key - self.aws_secret_access_key = session.get_credentials().secret_key - self.aws_security_token = session.get_credentials().token + try: + credentials = session.get_credentials().get_frozen_credentials() + except AttributeError: + pass + else: + self.aws_access_key_id = credentials.access_key + self.aws_secret_access_key = credentials.secret_key + self.aws_security_token = credentials.token if not self.boto_profile and not (self.aws_access_key_id and self.aws_secret_access_key): raise AnsibleError("Insufficient boto credentials found. Please provide them in your "