I have been thinking, in AWX we make inventories of the infrastructure inside the accounts and we can also make groups, kayed groups… of the servers. My question is, do you think it is a good idea that you can also make a separate inventory of accounts? I mean, imagine companies that adminsitran many accounts of different public cloud, and those accounts have them “tagged” either by aws organizations,lightohouse in azure … and that Ansible is able to take those “tags” which can be put in various places (I see that here is one of the problems because it would force to use to tag the same method) which is not as intuitive or direct as the tags on servers and also be able to form groups of accounts by type. So you could make global actions on accounts of a type of tag as prod including for example a new rule in a security group. How do you see this possibility of generating inventories of accounts? I have been reviewing the AWX code and I see it possible to do it, if someone wants to try it and see some viability I would be glad to know your point of view becuae i am really hyped hahah
Something I started working on a while back was a dynamic inventory plugin using AWS Organizations.
It’s a bit of a pain to test since most of the testing needs to be done through unit tests (the integration testing environment only has a single account). Due to the way the Organization APIs work it was also a little slow, which I didn’t like. But I had it working against our organization.
Hey @tremble i have just tested it and did a PR to add a minor change, really liked it. Now we could modify awx to incorporate the front and the back to handle this