ansible-target-practice/README.md
Vincent Van der Kussen c19d75b530 aws inventory
2020-10-20 07:01:49 +02:00


ansible-target-practice

EC2 credentials

Make sure you have a profile that can access the necessary AWS resources. Configure your AWS CLI as described here

You can use environment variables to specify configuration options of the AWS CLI. More info here:

Minimal example:

~/.aws/credentials

[zoolite/vincent]
aws_access_key_id=AKIAWNB2RT65DGTW
aws_secret_access_key=Yhdg280zGg3U7CQVcyLAqLEs9/Wv6cYb7UYB6L0

~/.aws/config

[profile zoolite/vincent]
region=eu-west-1
output=text

You can use this profile by setting the AWS_PROFILE environment variable:

export AWS_PROFILE=zoolite/vincent

Run aws sts get-caller-identity to test authentication.

Ansible EC2 inventory plugin

The Ansible EC2 inventory plugin allows you to create groups based on tags defined on resources. The configuration of this inventory plugin can be done through a configuration file.

In this example we want to create a group dev that contains all instances that have a tag env=dev. We also create a group tag_dev_env which contains the same hosts.

Create a file aws_ec2.yml with the following content:

plugin: aws_ec2
regions:
  - eu-west-1
filters:
  tag:env:
    - dev
    - prod
hostnames:
  - private-dns-name
  - ip-address
  - network-interface.addresses.private-ip-address
keyed_groups:
  - key: tags.env
    separator: ""
  - prefix: tag
    key: tags

Filters

In the example we apply a filter so that we only end up with resources that have a tag env with a value of either dev or prod.

Hostnames

In this example we only want to use the private IP address, the private DNS record or the public IP address in our inventory. This can be defined in the hostnames section.

The order of this list is the order of preference. Example: if you prefer to use the private DNS records, you need to put the private-dns-name option above all else in the list.

You can use the options defined in the AWS CLI --filter section.

Run Ansible

Testing the inventory can be done using ansible-inventory

ansible-inventory -i aws_ec2.yml --list
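
Because the hostnames list above ends in fallbacks, a host without a private DNS name can be named by its public IP address. The following check over the JSON that ansible-inventory --list prints is an added example, not part of the original repository; the sample inventory is constructed, and the function name audit_inventory and the hostvars layout (a tags dictionary per host) are assumptions of this example.

```python
import ipaddress
import json

# RFC 1918 ranges; a host named by any other IP literal fell through to `ip-address`.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample, trimmed to the fields this check reads.
SAMPLE = json.loads("""
{
  "_meta": {"hostvars": {
    "ip-10-0-1-12.eu-west-1.compute.internal": {"tags": {"env": "dev"}},
    "203.0.113.10": {"tags": {"env": "dev"}},
    "ip-10-0-2-7.eu-west-1.compute.internal": {"tags": {"env": "staging"}},
    "10.0.3.5": {"tags": {"env": "prod"}}
  }},
  "dev": {"hosts": ["ip-10-0-1-12.eu-west-1.compute.internal", "203.0.113.10"]},
  "prod": {"hosts": []}
}
""")


def audit_inventory(inv, allowed_envs=("dev", "prod")):
    """Return sorted (host, problem) findings for an `ansible-inventory --list` dict."""
    findings = []
    for host, hostvars in inv.get("_meta", {}).get("hostvars", {}).items():
        env = hostvars.get("tags", {}).get("env")
        if env not in allowed_envs:
            # The tag:env filter should have excluded this host.
            findings.append((host, f"unexpected env tag: {env!r}"))
        elif host not in inv.get(env, {}).get("hosts", []):
            # keyed_groups (key: tags.env, separator "") should create this group.
            findings.append((host, f"missing from group {env!r}"))
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            continue  # a DNS name, not an IP literal
        if not any(addr in net for net in RFC1918):
            findings.append((host, "named by a non-private IP"))
    return sorted(findings)


if __name__ == "__main__":
    for host, problem in audit_inventory(SAMPLE):
        print(f"{host}: {problem}")
```

To run it against a real inventory, load the output of ansible-inventory -i aws_ec2.yml --list with json.load and pass the result to audit_inventory in place of SAMPLE.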