Documentation

aws_ec2 - ec2 inventory source

Synopsis

  • Get inventory hosts from Amazon Web Services EC2.
  • Uses a <name>.aws_ec2.yaml (or <name>.aws_ec2.yml) YAML configuration file.

Parameters

Parameter
Choices/Defaults
Configuration
Comments
aws_access_key_id
env:AWS_ACCESS_KEY_ID
env:AWS_ACCESS_KEY
env:EC2_ACCESS_KEY
The AWS access key to use. If you have specified a profile, you don't need to provide an access key/secret key/session token.
aws_secret_access_key
env:AWS_SECRET_ACCESS_KEY
env:AWS_SECRET_KEY
env:EC2_SECRET_KEY
The AWS secret key that corresponds to the access key. If you have specified a profile, you don't need to provide an access key/secret key/session token.
aws_security_token
env:AWS_SECURITY_TOKEN
env:AWS_SESSION_TOKEN
env:EC2_SECURITY_TOKEN
The AWS security token if using temporary access and secret keys.
boto_profile
env:AWS_PROFILE
env:AWS_DEFAULT_PROFILE
The boto profile to use.
cache
Default:
no
ini entries:

[inventory ]
cache = no

env:ANSIBLE_INVENTORY_CACHE
Toggle to enable/disable the caching of the inventory's source data, requires a cache plugin setup to work.
cache_connection
ini entries:

[inventory ]
cache_connection = VALUE

env:ANSIBLE_INVENTORY_CACHE_CONNECTION
Cache connection data or path, read cache plugin documentation for specifics.
cache_plugin
ini entries:

[inventory ]
cache_plugin = VALUE

env:ANSIBLE_INVENTORY_CACHE_PLUGIN
Cache plugin to use for the inventory's source data.
cache_timeout
Default:
3600
ini entries:

[inventory ]
cache_timeout = 3600

env:ANSIBLE_INVENTORY_CACHE_TIMEOUT
Cache duration in seconds
compose
Default:
{}
create vars from jinja2 expressions
filters
A dictionary of filter value pairs. Available filters are listed here http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html#options
groups
Default:
{}
add hosts to group based on Jinja2 conditionals
hostnames
A list in order of precedence for hostname variables. You can use the options specified in http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html#options. To use tags as hostnames use the syntax tag:Name=Value to use the hostname Name_Value, or tag:Name to use the value of the Name tag.
keyed_groups
Default:
[]
add hosts to group based on the values of a variable
regions
A list of regions in which to describe EC2 instances. By default this is all regions except us-gov-west-1 and cn-north-1.
strict
Default:
no
If true make invalid entries a fatal error, otherwise skip and continue
Since it is possible to use facts in the expressions they might not always be available and we ignore those errors by default.
strict_permissions
By default if a 403 (Forbidden) is encountered this plugin will fail. You can set strict_permissions to False in the inventory config file which will allow 403 errors to be gracefully skipped.

Examples

plugin: aws_ec2
boto_profile: aws_profile
regions: # populate inventory with instances in these regions
  - us-east-1
  - us-east-2
filters:
  # all instances with their `Environment` tag set to `dev`
  tag:Environment: dev
  # all dev and QA hosts
  tag:Environment:
    - dev
    - qa
  instance.group-id: sg-xxxxxxxx
# ignores 403 errors rather than failing
strict_permissions: False
hostnames:
  - tag:Name=Tag1,Name=Tag2  # return specific hosts only
  - tag:CustomDNSName
  - dns-name

# keyed_groups may be used to create custom groups
strict: False
keyed_groups:
  # add e.g. x86_64 hosts to an arch_x86_64 group
  - prefix: arch
    key: 'architecture'
  # add hosts to tag_Name_Value groups for each Name/Value tag pair
  - prefix: tag
    key: tags
  # add hosts to e.g. instance_type_z3_tiny
  - prefix: instance_type
    key: instance_type
  # create security_groups_sg_abcd1234 group for each SG
  - key: 'security_groups|json_query("[].group_id")'
    prefix: 'security_groups'
  # create a group for each value of the Application tag
  - key: tag.Application
    separator: ''

Status

Author

  • UNKNOWN

Hint

If you notice any issues in this documentation you can edit this document to improve it.