[ansible-project] Variable from EC2 Instance Tag

Mon, 17 Apr 2017 12:05:55 -0700 

When we create an EC2 instance, we then run playbooks on the EC2 instance 
to harden it and configure it the way we need to. 

Right now, I have a Python script with Boto3 retrieving tag information. I 
then pass the variables into an Ad-Hoc play, but I'm looking for an 
automated solution to this that I can put into Tower. 

Am I on the right track or are there alternative/better options?

The gist of what I currently have is Python uses Boto3 to retrieve tag info.
An Ad-Hoc play is created with that tag value.
Python executes the Ad Hoc play.

The goal is to have Tower retrieve that Tag information, assign it to an 
Ansible variable, and then execute the play on the remote host. 

import boto3
import os

instance_private_ip = 'xx.xx.xx.xx' # The Private IP is passed as an 
argument on CLI, using ArgParse: $ python foo.py --privateip 10.0.0.5
instance_id = 'i-xxxxxxxx' # The Instance ID is retrieved with another 
function that takes the EC2 Private IP as its argument.

instance_tag = get_instance_tag(instance_id) # This gets the tag in the 
instance. 

# Create the Ad Hoc command which makes a simple temp file named after the 
EC2 tag value
command = 'ansible all -i ' + instance_private_ip + ', -m tempfile ' + 
instance_tag + '.temp'

# Run the Ad Hoc command, which should create /tmp/Bar.temp
os.system(command)

 
def get_instance_tag(instance_id):
    
    # Establish the EC2 Connection and Instance ID
    ec2 = boto3.resource('ec2')
    ec2instance = ec2.Instance(instance_id)
    
    instTag = ''
    
    # Loop through the tags and find the EC2 Foo key/value pair
    for tags in ec2instance.tags:
       if tags["Key"] == "Foo":
           instTag = tags["Value"] # Value is 'Bar'
           break
    return instTag # Returns the value "Bar"


 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b5a7e943-e26e-4c74-820b-08de4e939492%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to