diff --git a/changelogs/fragments/49113-iam-role-arn-parsing-updated.yml b/changelogs/fragments/49113-iam-role-arn-parsing-updated.yml new file mode 100644 index 00000000000..b14fa7be7c2 --- /dev/null +++ b/changelogs/fragments/49113-iam-role-arn-parsing-updated.yml @@ -0,0 +1,2 @@ +bugfixes: + - ec2_metadata_facts - Parse IAM role name from the security credential field since the instance profile name is different diff --git a/lib/ansible/modules/cloud/amazon/ec2_metadata_facts.py b/lib/ansible/modules/cloud/amazon/ec2_metadata_facts.py index 2416f9f31c8..0f5cd454691 100644 --- a/lib/ansible/modules/cloud/amazon/ec2_metadata_facts.py +++ b/lib/ansible/modules/cloud/amazon/ec2_metadata_facts.py @@ -467,8 +467,9 @@ class Ec2Metadata(object): new_fields = {} for key, value in fields.items(): split_fields = key[len(uri):].split('/') - if len(split_fields) == 2 and split_fields[0:2] == ['iam', 'info_instanceprofilearn']: - new_fields[self._prefix % "iam-instance-profile-role"] = value.split('/')[1] + # Parse out the IAM role name (which is _not_ the same as the instance profile name) + if len(split_fields) == 3 and split_fields[0:2] == ['iam', 'security-credentials'] and ':' not in split_fields[2]: + new_fields[self._prefix % "iam-instance-profile-role"] = split_fields[2] if len(split_fields) > 1 and split_fields[1]: new_key = "-".join(split_fields) new_fields[self._prefix % new_key] = value @@ -504,7 +505,7 @@ class Ec2Metadata(object): dict = json.loads(content) self._data['%s' % (new_uri)] = content for (key, value) in dict.items(): - self._data['%s_%s' % (new_uri, key.lower())] = value + self._data['%s:%s' % (new_uri, key.lower())] = value except: self._data['%s' % (new_uri)] = content # not a stringifed JSON string