Using Ansible with Amazon Web Services
How to properly configure Ansible to connect to Amazon Web Services


Managing AWS resources that scale up and down runs into the limits of the static inventory host file, which is why we need something dynamic: that is what dynamic inventories are for. Let's start:

Download these ec2.ini and files to your project folder:

cd my_ansible_project 

Once done, make the file executable:

chmod +x

Now, export your AWS Secret and Access key as environment variables:


To use the script we need boto, the Python AWS SDK, so install it:

sudo pip install boto

To test if everything is good, try executing the by listing your resources:

./ --list

You should see something similar to:

  "_meta": {
    "hostvars": {}

Now we want to use the dynamic inventory along with our static hosts file. First, create a folder called inventory, add, ec2.ini and our hosts file to it, then tell Ansible to use that folder as its inventory:

mkdir inventory 
mv inventory/
mv ec2.ini inventory/ec2.ini
mv hosts inventory/hosts

Next we should define project level configuration for Ansible by creating an Ansible config file in your project folder called ansible.cfg and adding this:

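[defaults]
hostfile = inventory
[ssh_connection]
pipelining = False
# StrictHostKeyChecking=no below disables SSH host key verification for every host in this inventory
ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o StrictHostKeyChecking=no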
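
The ssh_args line above turns off host key verification, so a check for that setting is worth running before the config is committed. The following is an added example, not code from the original page or from the Ansible project: it parses an ansible.cfg and reports settings that disable SSH host key verification. The function names `ssh_options` and `audit`, the placement of the page's keys under `[defaults]` and `[ssh_connection]`, and the `accept-new` alternative are assumptions.

```python
import configparser
import shlex

# Constructed sample: the page's settings under the section names assumed here.
PAGE_CFG = """\
[defaults]
hostfile = inventory
[ssh_connection]
pipelining = False
ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o StrictHostKeyChecking=no
"""
# Constructed alternative: accept-new (OpenSSH 7.6+) records a key on first
# contact and refuses the connection if that key later changes.
HARDENED_CFG = PAGE_CFG.replace("StrictHostKeyChecking=no",
                                "StrictHostKeyChecking=accept-new")

def ssh_options(ssh_args):
    """Map each -o option in an ssh_args string to its value (lowercased)."""
    tokens = shlex.split(ssh_args)
    opts = {}
    for i, tok in enumerate(tokens):
        if tok == "-o" and i + 1 < len(tokens):
            spec = tokens[i + 1]            # "-o Key=Value"
        elif tok.startswith("-o") and len(tok) > 2:
            spec = tok[2:]                  # "-oKey=Value"
        else:
            continue
        name, _, value = spec.replace("=", " ", 1).partition(" ")
        # ssh keeps the first value it sees for an option, so do the same.
        opts.setdefault(name.lower(), value.strip().lower())
    return opts

def audit(cfg_text):
    """Return findings for settings that switch off SSH host key verification."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(cfg_text)
    findings = []
    hkc = cp.get("defaults", "host_key_checking", fallback="true")
    if hkc.strip().lower() in ("false", "no", "0", "off"):
        findings.append("[defaults] host_key_checking is disabled")
    opts = ssh_options(cp.get("ssh_connection", "ssh_args", fallback=""))
    if opts.get("stricthostkeychecking") in ("no", "off"):
        findings.append("ssh_args: StrictHostKeyChecking=no skips host key verification")
    if opts.get("userknownhostsfile") == "/dev/null":
        findings.append("ssh_args: UserKnownHostsFile=/dev/null discards recorded host keys")
    return findings

if __name__ == "__main__":
    for label, text in (("page", PAGE_CFG), ("hardened", HARDENED_CFG)):
        print(label, audit(text) or "no findings")
```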

Next we need to configure Ansible to use an SSH key to authenticate access to our EC2 instances. Using an SSH agent is the best way to authenticate with resources, as this makes it easier to manage keys:

ssh-agent bash 
ssh-add ~/.ssh/keypair.pem  

That's it! If you followed along, you can test the setup with the ping module; your running instances that have been configured to use your key will respond with pong:

ansible -m ping all
| success >> {
    "changed": false, 
    "ping": "pong"