ansible-target-practice/README.md
Vincent Van der Kussen c19d75b530 aws inventory
2020-10-20 07:01:49 +02:00


# ansible-target-practice
## EC2 credentials
Make sure you have a profile that can access the necessary AWS resources.
Configure your AWS CLI as described in the [AWS CLI documentation](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html).
You can use environment variables to specify configuration options of the AWS CLI.
More info here: [AWS CLI environment variables](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)
Minimal example:
`~/.aws/credentials`
```
[zoolite/vincent]
aws_access_key_id=AKIAWNB2RT65DGTW
aws_secret_access_key=Yhdg280zGg3U7CQVcyLAqLEs9/Wv6cYb7UYB6L0
```
`~/.aws/config`
```
[profile zoolite/vincent]
region=eu-west-1
output=text
```
You can use this profile by setting the `AWS_PROFILE` environment variable:
```
export AWS_PROFILE=zoolite/vincent
```
Run `aws sts get-caller-identity` to test authentication.
## Ansible EC2 inventory plugin
The Ansible EC2 inventory plugin allows you to create groups based on tags
defined on resources. The configuration of this inventory plugin can be done
through a configuration file.
In this example we want to create a group `dev` that contains all
instances that have a tag `env=dev`. We also create a group `tag_dev_env` which
contains the same hosts.
Create a file `aws_ec2.yml` with the following content:
```
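plugin: aws_ec2
regions:
  - eu-west-1
# Only return instances whose `env` tag is `dev` or `prod`
filters:
  tag:env:
    - dev
    - prod
# Inventory name: the first option in this list that has a value is used
hostnames:
  - private-dns-name
  - ip-address
  - network-interface.addresses.private-ip-address
keyed_groups:
  # Group named after the value of the `env` tag; the empty separator
  # gives `dev` rather than `_dev`
  - key: tags.env
    separator: ""
  # One group per tag key/value pair, prefixed with `tag`
  - prefix: tag
    key: tags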
### Filters
In the example we apply a filter so we only end up with resources that have a tag
`env` with a value of either `dev` or `prod`.
### Hostnames
In this example we only want to use the private IP addresses, private DNS record
or the public IP address in our inventory. This can be defined in the `hostnames` section.
The order of this list is the order of preference. Example: if you prefer to use the private
DNS records you need to put the `private-dns-name` option above all else in the
list.
You can use the options defined in the `--filters` section of the
[AWS CLI `describe-instances` reference](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html#options).
## Run Ansible
Testing the inventory can be done using `ansible-inventory`:
```
ansible-inventory -i aws_ec2.yml --list
```
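
A check that can be run over the `ansible-inventory --list` output before a playbook is pointed at this inventory, as an added example that is not part of the original README: it flags hosts whose `env` tag is outside the `filters` values, hosts missing from their `env` group, and hosts whose inventory name fell through the `hostnames` preference list to a non-private IP. The sample data, the function names and the RFC 1918 test are assumptions of this example.

```python
import ipaddress

# Constructed sample, shaped like `ansible-inventory -i aws_ec2.yml --list`
# output and trimmed to the keys this check reads.
SAMPLE = {
    "_meta": {"hostvars": {
        "ip-10-0-1-15.eu-west-1.compute.internal": {"tags": {"env": "dev"}},
        "203.0.113.10": {"tags": {"env": "prod"}},
        "10.0.2.7": {"tags": {"env": "staging"}},
    }},
    "dev": {"hosts": ["ip-10-0-1-15.eu-west-1.compute.internal"]},
    "prod": {"hosts": ["203.0.113.10"]},
    "staging": {"hosts": ["10.0.2.7"]},
}

ALLOWED_ENVS = {"dev", "prod"}  # the values listed under `filters` in aws_ec2.yml
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_non_private_ip(name):
    """True when the inventory name is an IP literal outside RFC 1918 space."""
    try:
        addr = ipaddress.ip_address(name)
    except ValueError:
        return False  # a DNS name such as the private-dns-name
    return not any(addr in net for net in RFC1918)


def audit_inventory(inv, allowed_envs=frozenset(ALLOWED_ENVS)):
    """Return sorted (host, problem) findings for a parsed --list document."""
    findings = []
    for host, hv in inv.get("_meta", {}).get("hostvars", {}).items():
        env = hv.get("tags", {}).get("env")
        if env not in allowed_envs:
            findings.append((host, f"unexpected env tag: {env!r}"))
        elif host not in inv.get(env, {}).get("hosts", []):
            findings.append((host, f"missing from group {env!r}"))
        if is_non_private_ip(host):
            findings.append((host, "inventory name is not a private address"))
    return sorted(findings)


if __name__ == "__main__":
    # For real use: inv = json.load(sys.stdin) on the piped --list output.
    for host, problem in audit_inventory(SAMPLE):
        print(f"{host}: {problem}")
```
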