Issue using Ansible's inventory plugin for AWS EC2

Problem description

I'm trying to use the aws_ec2 inventory plugin for Ansible. As I understand it, this is supposed to be the recommended method over the ec2.py inventory script. I got that gold nugget of information from Ansible's own blog post and some random articles that mention it in passing. However, as a novice to Ansible, I find the documentation lacking.

The 3 problems I'm wondering about are:

  1. A good way to pass secrets to the inventory definition file (I called it hosts.aws_ec2.yml). Jinja2 style of:

     aws_secret_key: "{{ aws_secret }}"

     produces a parse error.

     As I understand it, this can be mitigated by setting env variables that will be picked up by the plugin, but I'd like to get them from my ansible-vault encrypted file.

  2. How do I structure my host vars with this approach? So far, with a "static" inventory, I followed the structure outlined in this blog post -- one dir per environment. Any advice on how to deal with it using this plugin-provided dynamic inventory?

  3. Is there a way I could specify the Ansible user and key for different inventory groups in a dynamic setting like this? Right now I set them globally, but I'd rather have the freedom to define them explicitly in the inventory.

Any advice is appreciated. Even a RTFM, as long as it's followed by some good reference links.

Tags: ansible

Solution

