Last active
April 25, 2022 09:11
-
-
Save unbelauscht/3c3336791d95c3bfb5d068a3d58e5140 to your computer and use it in GitHub Desktop.
Run Ansible over AWS SSM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
plugin: aws_ec2 | |
regions: | |
- eu-central-1 | |
# filter hosts based on name tag. This was used to provision prometheus instances | |
filters: | |
tag:Name: "prometheus.*" | |
# get nicer hostnames based on the ec2 instance tag | |
hostnames: | |
- tag:Name | |
compose: | |
ansible_inventory: tags.Name | |
# tags.ansible_user needs to be set on AWS side. | |
ansible_user: tags.ansible_user | |
# ansible_host is the instance_id as aws ssm will use this one to connect to the instance | |
ansible_host: instance_id | |
# use aws ssm as ProxyCommand see https://go.aws/3nrFdH5, don't forget to add AmazonSSMManagedInstanceCore as aws_iam_instance_profile. | |
ansible_ssh_common_args: "'-o StrictHostKeyChecking=no -o ProxyCommand=\"sh -c \\'aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters portNumber=%p\\''" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment