From c19d75b5300facc868ead748ce3e4078aa6515f2 Mon Sep 17 00:00:00 2001
From: Vincent Van der Kussen
Date: Tue, 20 Oct 2020 07:01:49 +0200
Subject: [PATCH] aws inventory
---
 README.md | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 aws_ec2.yml | 20 ++++++++++++
 2 files changed, 114 insertions(+)
 create mode 100644 aws_ec2.yml
diff --git a/README.md b/README.md
index 0a7c86b..e87ad85 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,96 @@
 # ansible-target-practice
+## EC2 credentials
+Make sure you have a profile that can access the necessary AWS resources.
+Configure your AWS cli as described here
+[](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html)
+
+You can use Environment Variables to specify configuration options of the AWS cli.
+More info here: [](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)
+
+Minimal example:
+
+`~/.aws/credentials`
+
+```
+[zoolite/vincent]
+aws_access_key_id=AKIAWNB2RT65DGTW
+aws_secret_access_key=Yhdg280zGg3U7CQVcyLAqLEs9/Wv6cYb7UYB6L0
+```
+
+
+
+`~/.aws/config`
+
+```
+[profile zoolite/vincent]
+region=eu-west-1
+output=text
+```
+
+You can use this profile by setting the `AWS_PROFILE` environment variable
+
+```
+export AWS_PROFILE=zoolite/vincent
+```
+
+Run `aws sts get-caller-identity` to test authentication
+
+
+## Ansible EC2 inventory plugin
+The Ansible EC2 inventory plugin allows you to create groups based on tags
+defined on resources. The configuration of this inventory plugin can be done
+through a configuration file.
+
+In this example we wan to create a group `dev` and should contain all
+instance that have a tag `env=dev`. We also create a group `tag_dev_env` which
+contains the same hosts.
+
+Create a file `aws_ec2.yml` with the following content
+
+```
+plugin: aws_ec2
+regions:
+ - eu-west-1
+filters:
+ tag:env:
+ - dev
+ - prod
+hostnames:
+ - private-dns-name
+ - ip-address
+ - network-interface.addresses.private-ip-address
+keyed_groups:
+ - key: tags.env
+ separator: ""
+ - prefix: tag
+ key: tags
+```
+
+### Filters
+In the example we apply a filter so we only end up with resources who have a tag
+`env` with a value of either `dev` or `prod`
+
+
+### Hostnames
+In this example we only want to use the private ip addresses, private dns record
+or the public ip address in our inventory. This can be defined in the `hostnames` section.
+
+This list uses the order as preference.
Example: If you prefer to use the prive
+dns records you need to put the `private-dns-name` option above all alse in the
+list.
+
+You can use the options defined in the AWS CLI `--filter` section.
+[](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html#options)
+
+
+
+## Run Ansible
+Testing the inventory can be done using `ansible-inventory`
+
+```
+ansible-inventory -i aws_ec2.yml --list
+```
+
+
+
diff --git a/aws_ec2.yml b/aws_ec2.yml
new file mode 100644
index 0000000..dd90357
--- /dev/null
+++ b/aws_ec2.yml
@@ -0,0 +1,20 @@
+plugin: aws_ec2
+regions:
+ - eu-west-1
+filters:
+ tag:env:
+ - dev
+ - prod
+hostnames:
+ - ip-address
+ - network-interface.addresses.private-ip-address
+ - private-dns-name
+keyed_groups:
+ - key: tags.env
+ separator: ""
+ #prefix: MyGroupPrefix
+ - prefix: tag
+ key: tags
+
+fact_caching_timeout: 10
+caching_timeout: 10
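Review bot: The `~/.aws/credentials` example added to the README carries values shaped like a real access key pair under a profile named after a person (`[zoolite/vincent]`), and once pushed they stay in the repository history even if a later commit edits them out. If they were derived from a live key, deactivate and rotate that key and review CloudTrail for activity under its key id. Either way, replace them with unmistakable placeholders, for example `aws_access_key_id=AKIAIOSFODNN7EXAMPLE` and `aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`, which are the sample values the AWS documentation uses. The lengths shown do not match the usual 20 and 40 characters, so the values may already be altered, but neither a reader nor a secret scanner can tell that from the page.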
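Review bot: The `hostnames` list in the new aws_ec2.yml puts `ip-address` first, so any instance with a public address is inventoried and reached by that address, whereas the README example in this same commit lists `private-dns-name` first and states that list order is the preference. If the control node can reach the VPC privately, put `private-dns-name` (or the private IP entry) first so management traffic stays on private addresses and SSH does not have to be reachable from the internet. The filter also pulls `env=prod` instances into the same inventory as `dev`, so a play run against `all` would touch production; consider separate inventory files or an explicit `--limit`. The trailing `fact_caching_timeout` and `caching_timeout` keys do not look like options of this inventory plugin (its cache settings are `cache` and `cache_timeout`; `fact_caching_timeout` is an ansible.cfg setting), so they are probably ignored — confirm with `ansible-doc -t inventory aws_ec2`.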