设置Ansible服务器以使用动态清单管理多个AWS账户吗?
[英]Setup Ansible server to manage several AWS Accounts using dynamic inventory?
问题描述
How do I setup Ansible server to manage multiple AWS accounts using dynamic inventory, so, I have 20 AWS accounts and want to manage all those from single server (VPC's in all accounts are peered with each other), 
我如何设置Ansible服务器以使用动态清单管理多个AWS账户,所以,我有20个AWS账户,并且想要管理来自单个服务器的所有账户(所有账户中的VPC彼此对等),
I have Installed Ansible and setup boto profile one for each account, by creating 20 profiles (ie 20 access and secret access keys) stored in boto credentials: ~/.aws/credentials. 我通过创建存储在Boto凭证中的20个配置文件(即20个访问权限和秘密访问密钥)来安装Ansible,并为每个帐户设置一个Boto配置文件:〜/ .aws / credentials。
Is it the right way to manage multiple accounts i am using AWS_PROFILE to specify boto profile while running playbooks. 这是管理多个账户的正确方法,我在运行剧本时使用AWS_PROFILE指定boto配置文件。
Is there any other way to do this,instead of storing keys and creating boto profiles. 还有其他方法可以执行此操作,而不是存储密钥和创建Boto配置文件。
1 个解决方案
解决方案1
3 2017-01-04 19:38:16
From Example: AWS EC2 External Inventory Script If you use Boto profiles to manage multiple AWS accounts, you can pass --profile PROFILE name to the ec2.py script. 来自示例:AWS EC2外部清单脚本如果您使用Boto配置文件来管理多个AWS账户,则可以将--profile PROFILE名称传递给ec2.py脚本。 An example profile might be: 示例配置文件可能是:
[profile dev]
aws_access_key_id = <dev access key>
aws_secret_access_key = <dev secret key>
[profile prod]
aws_access_key_id = <prod access key>
aws_secret_access_key = <prod secret key>
You can then run ec2.py --profile prod to get the inventory for the prod account, although this option is not supported by ansible-playbook . 然后,您可以运行ec2.py --profile prod来获取prod帐户的清单,尽管ansible-playbook不支持此选项。 You can also use the AWS_PROFILE variable - for example: 您还可以使用AWS_PROFILE变量 -例如:
AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.