Manage multiple aws accounts with ansible playbook using ec2.py/ec2.ini

Archives Ansible Project
1

I have multiple aws accounts. I would like to manage all these accounts using ansible playbooks. ex. provisioning new machines etc…

But when I use profile/AWS_PROFILE option it always taking default profile not going to specified profiles.

It says specified vpc does not exist as it is checking under default profile from ~/.aws./credentials or ~/.boto files

Please let me know how can I manage multiple aws accounts using ansible playbooks.

I have installed boto3 using pip on my machine.,

p.s. I am using all these playbooks from one of the ec2 machine. This is from default profile location.

Thanks in advance…

2

Hi Naga,

One of the google doc says that …

From Example: AWS EC2 External Inventory Script(https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script)

If you use Boto profiles to manage multiple AWS accounts, you can pass --profile PROFILE name to the ec2.py script. An example profile might be:

[profile dev]
aws_access_key_id =
aws_secret_access_key =

[profile prod]
aws_access_key_id =
aws_secret_access_key =
You can then run ec2.py --profile prod to get the inventory for the prod account, although this option is not supported by ansible-playbook. You can also use the AWS_PROFILE variable - for example:

AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml

Hope this helps.

-Thanks
Shrinath

3

Thanks Shrinath.

I have tried with that option.

I am able to get all the inventory info when I tried like ./ec2.py --list --profile=prod

but whey I tried with AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml to create new ec2 instance under prod account it says subnet/groups not found.

which means it’s checking under default profile not under prod account.