Hi all, I’ve run into a bit of a repeated issue over the years using ansible with AWS. Let’s say I have an ansible project with two inventories: prod and dev. And each of those inventories correspond to a separate AWS account. Ideally, I’d want to set the environment variable AWS_PROFILE for the parent ansible process on the ansible host, depending on the inventory selected. That way all child processes (for example ec2.py in dynamic inventory) will inherit the environment and behave as expected.
In the past, I have solved this by writing a custom shell function to source the environment from the inventory, set it, and then call ansible. Obviously this is not ideal. You can also use ENVIRONMENT_VARIABLE=value ansible-playbook but to me this is an antipattern because you are manually supplying an inventory-specific magic value which should be stored in your inventory or group_vars.
This potential need also extends beyond this specific use case. It also serves as a general pattern for storing dynamic cloud account credentials. And you could specify different ansible configuration depending on the inventory selected, using environment variables.
Has anyone considered this before? I think it would be fairly trivial to implement. It could either be declared within the inventory file for localhost (although this seems like a bit of a hack), or as some per-stack extension of ansible.cfg. It would need to be called very early in the initial ansible process, before any forks.
Thoughts? Suggested workarounds?