How to ensure Turbot users are correctly sync'd to Linux instances

In rare circumstances, ansible can take longer that usual to sync Turbot users with Linux permissions to an instance. This guide demonstrates how to search for the ansible TurbotUsers playbook control on a specific instance, ensuring that users are properly sync'd.


  1. Authenticate into the AWS console that contains the instance in question.

  2. Click on the EC2 service, then view instances, then copy the Instance ID from the console.mceclip1.png

  3. Navigate back to the Turbot account and click on the Controls tab. 

  4. Paste the Instance ID into the field, as well as the text TurbotUsers. A control will be found similar to the below screenshot:mceclip2.png

  5. Click the control and run a Check. To get more information about what is happening in real time, check the debug box in the top right of the window.

  6. The control can take some time to finish running. If another ansible job is running while the TurbotUsers playbook is being attempted, Turbot will wait until the first job is done. This will be denoted with the debug log of the control hanging at the following point:mceclip3.png           It can take up to 15 minutes for the playbook to be applied. Navigate to the Advanced tab, then Processes to see what is currently running.

  7. The control will end in one of three states - OKAlarm, or Error.

    • OK means that the playbook has successfully sync'd. No further action is required.

    • Alarm means that the control has not been applied, but the dry run was successful. Proceed to run an Apply on the same control to run the playbook against the instance.

    • Error generally means there was an issue connecting to the instance, though this is not always the case. If an error occurs while attempting to run the playbook, contact Turbot support at with a copy of the debug log showing the error.

Was this article helpful?
0 out of 0 found this helpful