Last active
September 4, 2024 14:44
-
-
Save aardbol/c63d05843c645e7dea84207980677f7e to your computer and use it in GitHub Desktop.
Ansible SSH connections via AWS EC2 Instance Connect Endpoint
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The dynamic inventory | |
| # https://docs.ansible.com/ansible/latest/collections/amazon/aws/aws_ec2_inventory.html | |
| plugin: amazon.aws.aws_ec2 | |
| profile: "{{ lookup('env', 'AWS_PROFILE') | default('aws_profile', true) }}" | |
| regions: | |
| - ap-northeast-1 | |
| - eu-central-1 | |
| cache: True | |
| cache_timeout: 600 | |
| cache_plugin: "jsonfile" | |
| cache_connection: '~/.ansible/tmp_staging' | |
| hostnames: | |
| - tag:Name | |
| keyed_groups: | |
| - key: tags | |
| prefix: tag | |
| groups: | |
| cloud_aws: 'true' | |
| filters: | |
| instance-state-name: running | |
| compose: | |
| ansible_host: instance_id | |
| tag_env: tags.Environment | |
| tag_name: tags.Name | |
| tag_provider: "'aws'" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In the vars file:
You can still use ansible.cfg combination with it, e.g.:
Command to test after being authenticated with AWS:
ssh user@i-xxx -o ProxyCommand='aws ec2-instance-connect --region eu-central-1 open-tunnel --instance-id i-xxx'