从 azure vnet 收集 ansible 事实并注册以在 playbook 中进一步使用

tag-icon tag-icon ansible cloud
从 azure vnet 收集 ansible 事实并注册以在 playbook 中进一步使用

我的要求是从 Azure 收集 VNET ID 并使用该 ID 作为分配基于角色的访问权限的范围。为此,我将使用 azure_rm_virtualnetwork_info 和 azure_rm_roleassignment。

当我尝试使用 azure_rm_virtualnetwork_info 并在变量中注册事实时,它会保存为数据类型“dict”。这些事实看起来是这样的。

我对用作范围的 VNET ID 感兴趣。

ok: [localhost] => changed=false
  invocation:
    module_args:
      ad_user: null
      adfs_authority_url: null
      api_profile: latest
      auth_source: null
      cert_validation_mode: null
      client_id: null
      cloud_environment: AzureCloud
      name: VNT-NAME
      password: null
      profile: NPE
      resource_group: ARG
      secret: null
      subscription_id: null
      tags: null
      tenant: null
  virtualnetworks:
  - address_prefixes:
    - 111.41.240.0/22
    dns_servers:
    - 11.4.0.36
    - 11.4.0.37
    - 174.31.43.92
    - 174.23.43.92
    id: /subscriptions/SUB-ID/resourceGroups/ARG/providers/Microsoft.Network/virtualNetworks/VNT-NAME
    location: australiaeast
    name: VNT-NAME
    provisioning_state: Succeeded
    subnets:
    - address_prefix: 10.4.240.0/24
      id: /subscriptions/SUB-ID/resourceGroups/ARG/providers/Microsoft.Network/virtualNetworks/VNT-NAME/subnets/SUB-001
      name: SUB-001
      network_security_group: null
      provisioning_state: Succeeded
      route_table: null
      service_endpoints:
      - locations:
        - '*'
        service: Microsoft.KeyVault
      - locations:
        - australiaeast
        - australiasoutheast
        service: Microsoft.Storage
    - address_prefix: 10.4.241.0/25
      id: /subscriptions/SUB-ID/resourceGroups/ARG/providers/Microsoft.Network/virtualNetworks/VNT-NAME/subnets/SUB-001
      name: BGL-NPE-SND-SYD-SUB-APG-INT-Cluster01
      network_security_group: /subscriptions/SUB-ID/resourceGroups/ARG/providers/Microsoft.Network/virtualNetworks/VNT-NAME/subnets/SUB-001
      provisioning_state: Succeeded
      route_table: null
    tags:
      Environment: General-Non-Production
      Owner: BGL IT

这就是我的代码的样子

  - name: Get facts for one virtual network
    azure_rm_virtualnetwork_info:
      resource_group: "{{ npe_vnet_resource_group }}"
      name: "{{ snd_syd_vnet }}"
      profile: "{{ profilename }}"
    register: snd_mel_vnet_reg

  - debug:
        var: snd_mel_vnet_reg.virtualnetworks.id

但我收到如下错误

TASK [debug] *****************************************************************************************************************************************************************************************************************************
task path: /home/devans/AZ-vnet-role-assignment.yml:39
ok: [localhost] =>
  snd_mel_vnet_reg.virtualnetworks.id: 'VARIABLE IS NOT DEFINED!: ''list object'' has no attribute ''id'''

任何帮助表示赞赏。

答案1

我有完全相同的问题。我通过创建一个新事实并使用json_query.

根据您的情况,您需要添加:

- set_fact: 
    myvnetid: "{{ snd_mel_vnet_reg| json_query('virtualnetworks[0].id') }}"

使用调试来验证输出是否正确:

- debug: var=myvnetid

相关内容