Hi Ansiblers,
How can I use the same playbook for multiple AWS accounts? Can I give the access key and secret key as command line parameters in the playbook?
Any help?
Yes, you pass them as extra-vars, but there are many ways to do this, just watch out where you run your playbook and if AWS ENV variables are already set, as boto will take this into account also.
Best to understand the AWS credentials and profiles better:
http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default
Is there a way to store all the accounts' keys in some files and call them as extra vars in the playbook?
Yes, you can use lookups, like this
- name: set authorized_keys
  # build the path by concatenation; Jinja2 delimiters do not nest
  authorized_key: user={{ item }} exclusive=yes
                  key="{{ lookup('file', 'files/pubkeys/' ~ item ~ '.key') }}"
  with_items: "{{ team_members[team] }}"
team_members[team] here is a list of usernames,
the files live in rolename/files/pubkeys/$username.key
original role is here :
https://github.com/rasputnik/ansible-sshteams/blob/master/roles/teams/tasks/team.yml
Oh my god, my head is spinning. I have 3 accounts in AWS. Do I need to create a file for each account, and then give that name in the playbook?
I am expecting something like this:
ansible-playbook newmachine.yml --extra-vars "account=myaccount"
and I want the new EC2 instance to be spun up in that account. How can I do this?
Sorry, I thought you wanted to know about file lookups (in this case it's ssh keys).
If the -e 'credentials=/path/to/credentials', you just need to look up the file and read its contents. Or just set environment variables before you run the playbook, I thought the aws related modules read the environment fine.
Sorry, I don't really know where to start.
Should I save the keys in some file and refer to that file in the playbook as a variable?
No, just keep it simple and set the environment variables; then you can't accidentally commit credentials to a repo or use the wrong account.
I am new to Ansible and I am struggling a bit here. How can I save multiple accounts' credentials on the Ansible server and call them on the command line?
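The environment-variable approach recommended in the thread, as an added example that is not part of the original posts: a shell wrapper that selects the account by name and keeps keys out of the playbook and the command line. `run_with_account` is a hypothetical helper; it assumes one named profile per account in the shared AWS credentials file, selected through `AWS_PROFILE`.

```shell
#!/bin/sh
# Added example: run a command (e.g. ansible-playbook) against one named AWS account.
# Assumed layout of the credentials file, one profile per account:
#   [myaccount]
#   aws_access_key_id = ...
#   aws_secret_access_key = ...

run_with_account() {
    [ "$#" -ge 2 ] || {
        echo "usage: run_with_account ACCOUNT COMMAND [ARGS...]" >&2; return 2; }
    account=$1; shift
    creds=${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}

    [ -r "$creds" ] || { echo "cannot read $creds" >&2; return 1; }

    # Refuse a credentials file that group or others can read.
    if [ -n "$(find "$creds" \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "$creds is readable by other users; chmod 600 it" >&2; return 1
    fi

    # The profile must exist, so a typo cannot fall through to another account.
    grep -qxF "[$account]" "$creds" || {
        echo "no profile [$account] in $creds" >&2; return 1; }

    # Subshell: nothing leaks into the calling shell. Static keys that are
    # already exported are dropped, because the AWS modules would pick them
    # up from the environment as well (the caveat raised earlier in the thread).
    (
        unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
        AWS_PROFILE=$account
        AWS_SHARED_CREDENTIALS_FILE=$creds
        export AWS_PROFILE AWS_SHARED_CREDENTIALS_FILE
        "$@"
    )
}
```

Typical use is `run_with_account myaccount ansible-playbook newmachine.yml`; the playbook itself then needs no key variables at all.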