Manage multiple aws accounts with ansible playbook using ec2.py/ec2.ini
22 views
Skip to first unread message
naga babu
Mar 20, 2019, 1:35:45 AM3/20/19
to Ansible Project
I have multiple aws accounts. I would like to manage all these accounts using ansible playbooks. ex. provisioning new machines etc..
But when I use profile/AWS_PROFILE option it always taking default profile not going to specified profiles.
It says specified vpc does not exist as it is checking under default profile from ~/.aws./credentials or ~/.boto files
Please let me know how can I manage multiple aws accounts using ansible playbooks.
I have installed boto3 using pip on my machine.,
p.s. I am using all these playbooks from one of the ec2 machine. This is from default profile location.
Thanks in advance..
Shrinath Mangalore
Mar 20, 2019, 3:54:54 AM3/20/19
to ansible...@googlegroups.com
Hi Naga,
One of the google doc says that .....
From Example: AWS EC2 External Inventory Script(https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script)
If you use Boto profiles to manage multiple AWS accounts, you can pass --profile PROFILE name to the ec2.py script. An example profile might be:
[profile dev]
aws_access_key_id = <dev access key>
aws_secret_access_key = <dev secret key>
[profile prod]
aws_access_key_id = <prod access key>
aws_secret_access_key = <prod secret key>
You can then run ec2.py --profile prod to get the inventory for the prod account, although this option is not supported by ansible-playbook. You can also use the AWS_PROFILE variable - for example:
AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml
Hope this helps.
-Thanks
Shrinath
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/75db6fa6-c300-4ffb-be07-204e92788a8f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
naga babu
Mar 20, 2019, 3:59:25 AM3/20/19
to Ansible Project
Thanks Shrinath.
I have tried with that option.
I am able to get all the inventory info when I tried like ./ec2.py --list --profile=prod
but whey I tried with AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml to create new ec2 instance under prod account it says subnet/groups not found.
which means it's checking under default profile not under prod account.
Reply all
Reply to author
Forward
0 new messages