Question
I'm trying to use the aws_ec2 inventory plugin for ansible. As I understand, this is supposed to be the recommended method over the ec2.py inventory script. I got that gold nugget of information from ansible's own blog post and some random articles that mention it in passing. However, as a novice to ansible, I find the documentation lacking.
3 problems I'm wondering about are:
- A good way to pass secrets to the inventory definition file (I called it hosts.aws_ec2.yml). Jinja2 style of:
  aws_secret_key: "{{ aws_secret }}"
  produces a parse error.
  As I understand, this can be mitigated by setting env variables that will be picked up by the plugin, but I'd like to get them from my ansible-vault encrypted file.
- How do I structure my host vars with this approach? So far, with a "static" inventory, I followed the structure outlined in this blog post -- one dir per environment. Any advice on how to deal with it using this plugin-provided dynamic inventory?
- Is there a way I could specify the ansible user and key for different inventory groups in a dynamic setting like this? Right now I set them globally, but I'd rather have the freedom to define them explicitly in the inventory.
Any advice is appreciated. Even an RTFM, as long as it's followed by some good reference links.
Source: https://stackoverflow.com/questions/58625447/issue-using-ansibles-inventory-plugin-for-aws-ec2