Flux7 Flux7
  • Digital Innovation
      • Digital Innovation
      Enable Software Innovation
      • CI/CD: Accelerate Deployments Through Pipelines
      • Containers Infrastructure:Improve Agility with Containers
      • Build:Custom Toolchain Deployment
      • Microservices: Speed Application Development
      • HPC:Product Design & Simulation
      • Renovate:Application Migration to the Cloud
      • Serverless:Innovate at the Speed of the Market
      Scale Enterprise DevOps
      • AWS DevOps Consulting:  Refactor Large Quantities of Apps to AWS
      • Cloud-Native Architectures: Accelerate Business with Cloud-Native Services
  • Operational Excellence
      • Services
      Cloud Implementation Services
      • Cloud Migration Services: Streamline Your Cloud Migration
      • Build Cloud Foundations: Accelerate Adoption with Strong Cloud Foundations
      • ISV Workloads on Cloud: Defined Solutions and Proven IP
      • High-Performance Computing Services: Exploit Cloud Elasticity and Scalability
      Enforce Security and Compliance
      • Automate Compliance: Meet Corporate and Legal Requirements
      • Web Application Firewall:Protect Vital Data and Functions

      Our landing zones on AWS emphasizes training, documentation, and resources to help teams new to AWS get the skills they need for long-term business agility.

      Gain a Landing Zone That Fits Your Needs Today

  • Industries
      • Industries
       
      • Energy:Cloud Solutions for the Energy Industry
      • Finance: Secure Infrastructure for Improved Customer Service and Analytics
      • Healthcare & Life Sciences: Meet Security & Compliance Requirements
      • Hospitality: Increase Customer Acquisition
       
      • Manufacturing: Innovation with Digital Transformation
      • Retail:Grow Customer Loyalty and Lifetime Value
      • Semiconductor: Legacy Modernization Services
      • Software:Grow Developer Agility and Application Reliability
       

      Read our industry success stories and the benefits our customers saw

      Read the Case Studies

  • Tech
      • Tech
      Flux7 Tech
      • DevOps Toolchain: Reduce DevOps Challenges
      • Amazon Web Services: Reduce Complexities and Risks in AWS Architectures
      • AWS Database Services: Design and Implementation of Infrastructure for Cloud-Based Databases
      Configuration
      • Cloud Configuration: Gain Greater Consistency, Repeatability & Agility
      • HashiCorp Terraform: Defining Infrastructure as Code 
      • AWS CloudFormation: Reduce Maintenance and Improve Security
      Containers
      • Container Infrastructure: Improve Agility with Containers
      • Docker: Build, Ship and Run Applications Anywhere
      • Kubernetes: Container Consulting Services
      • Red Hat OpenShift: Speed Code Delivery

      Rapidly adopt technology to achieve Infrastructure as Code and continuous delivery and support of applications and workloads.

      Create Your DevOps Toolchain

  • Resources
      • Resources
      Research & Reports
      • Analyst Insights & Reports
      • Blog
      • Case Studies
      • White Papers
      News & Events
      • Events Calendar
      • Newsroom
      • Press Releases
      Flux7 Academy
      • Tech Tutorials

      Read about what we do, how we do it and how our customer's benefit from our solutions.

      Read and Download Our Case Studies

  • About
      • About Flux7
      Get To Know Us
      • About Flux7
      • Awards & Recognitions
      • Meet Our Team
      Work With Us
      • Careers
      • Our Culture
      Partner With Us
      • Flux7 partners with technology vendors who deliver solutions to help our customers address scalability, security, reduce the cost of infrastructure delivery and improve speed to market.

      Welcome to Flux7! Get to know us a bit better and discover what makes us different than other DevOps Consultants.

      Discover What Makes Us Different

  • Contact us
An NTT DATA Company

Login Contact us

Ansible AWS Session Manager Plugin Use Cases

Ansible AWS Session Manager Plugin Use Cases

By Kim Blomgren
September 29, 2020

Today we announced the arrival of the Ansible AWS Session Manager plugin, compatible with Ansible 2.10. The solution enables Ansible users to take advantage of the full power of AWS Session Manager with Ansible, tightening network access and eliminating key management. (For more details on the full solution, read today’s blog announcement.)

Consistent with existing Ansible usage, users need only to configure the inventory to use the new plugin. Two different scenarios where you may consider the new plugin include:

  • Using Static Inventory 
  • Using Dynamic Inventory

Using Static Inventory

When specifying the hostname in the inventory file, instead of providing the IP address or DNS name we need the instance-ids. We have three examples in this scenario.

  1. Stop the Windows Spooler Service
  2. Install the Nginx Package on Linux Instance(s)
  3. Create a Directory in Windows Instances

Note: All the examples use the same Hosts file.

Hosts File:

all:

  hosts:

    linux1:

      ansible_aws_ssm_instance_id: i-0f303b65c4dba14f8

    linux2:

      ansible_aws_ssm_instance_id: i-0fef0bd908610ff64

    windows1:

      ansible_aws_ssm_instance_id: i-0aca5f297c4e80a95

    windows2:

      ansible_aws_ssm_instance_id: i-0eafbc6c61ece7b30

  children:

    Shell:

      hosts:

        linux[1:2]:

    PowerShell:

      hosts:

        windows[1:2]:

Stop the Windows Spooler Service

win_service.yaml

—– name: Stop Windows Service

  hosts: PowerShell

  gather_facts: true

  vars:

    ansible_connection: aws_ssm

    ansible_shell_type: powershell

    ansible_aws_ssm_bucket_name: nameofthebucket

    ansible_aws_ssm_region: us-east-1

  tasks:

    – name: Stop spooler service

      win_service:

        name: spooler

        state: stopped

Execution:

ansible-playbook win_service.yaml -i allhosts.yml

By calling `PowerShell` hostgroup, the task will be executed in both defined Windows hosts defined.

Ansible Plugin Use Cases

Install the Nginx Package on Linux Instance(s)

linux.yaml

– name: Install a Nginx Package

hosts: Shell

  vars:

    ansible_connection: aws_ssm

    ansible_aws_ssm_bucket_name: nameofthebucket

    ansible_aws_ssm_region: us-west-2

  tasks:

    – name: Install a Nginx Package

      shell: sudo amazon-linux-extras install nginx1.12 -y

    args:

      executable: /bin/bash

    become_method: sudo

Execution:

Ansible-playbook linux.yaml -i ./allhosts.yml 

Output:

Ansible Playbook YAML

Create a Directory in Windows Instances

win_dir.yaml

– name: Create a directory in Windows Instance

  hosts: PowerShell

  vars:

    ansible_connection: aws_ssm

    ansible_shell_type: powershell

    ansible_aws_ssm_bucket_name: nameofthebucket

    ansible_aws_ssm_region: us-east-1

  tasks:

    – name: Create a Directory

      win_file:

        path: C:\Windows\Temp\

        state: directory

Execution:

ansible-playbook win_dir.yaml -i allhosts.yml

Output:

Create a Directory in Windows Instances

Using Dynamic Inventory

The AWS Dynamic Inventory plugin works without any changes. We were able to leverage existing support for choosing the hostname from any of the instance attributes. So, in addition to the changes shown above for specifying the connection plugin to use, we need to specify that the AWS dynamic inventory plugin will use the Instance ID as the inventory hostname. For this scenario, we have 2 examples:

  1. Create a Directory on Windows Instances
  2. Install AWS CLI on Linux Instances

Create a Directory on Windows Instances 

Dynamic Inventory

plugin: aws_ec2

regions:

    – us-east-1

hostnames:

    – instance-id

filters:

    tag:SSMTag: ssmwindows

From the above dynamic inventory file, the instances IDs will be returned based on the tag filter.

Playbook

–—

– name: Create a dir.

  hosts: all

  gather_facts: false

  vars:

    ansible_connection: aws_ssm

    ansible_shell_type: powershell

    ansible_aws_ssm_bucket_name: test-ssm-instances

    ansible_aws_ssm_region: us-east-1

  tasks:

    – name: Create the directory

      win_file:

        path: C:\Temp\SSM_Testing5

        state: directory

Execution

ansible-playbook win_file.yaml -i aws_ec2.yml

The Dynamic Inventory plugin will fetch the instance-ids matching with the tag filter and the tasks in the playbook will be executed on the returned instances using SSM plugin.

Output

Create a Directory on Windows Instances

Install AWS CLI on Linux Instances 

Dynamic Inventory

plugin: aws_ec2

regions:

    – us-east-1

hostnames:

    – instance-id

filters:

    tag:SSMTag: ssmlinux

From the above dynamic inventory file, the instances IDs will be returned based on the tag filter.

Playbook

—

– name: install aws-cli

  hosts: all

  gather_facts: false

  vars:

    ansible_connection: aws_ssm

    ansible_aws_ssm_bucket_name: test-ssm-instances

    ansible_aws_ssm_region: us-east-1

  tasks:

  – name: aws-cli

    raw: yum install -y awscli

    tags: aws-cli

Execution

ansible-playbook playbook.yml -i aws_ec2.yml

Dynamic Inventory plugin will fetch the instance-ids matching with the tag filter and the tasks in the playbook will be executed on the returned instances using SSM plugin.

Output

Install AWS CLI on Linux Instances

Download the new Ansible AWS Session Manager Plugin today.

This post is contributed by Pat Sharkey, Gaurav Ashtikar, and HanumanthaRao MVL

Share This Article
Facebook Twitter Pinterest Linkedin
Prev Post

Related Articles

re:Invent Round-Up of AWS DevOps Announcements
By Flux7 Labs
December 21, 2020

re:Invent Round-Up of AWS DevOps Announcements

READ MORE
How Will SASE Change Networking in 2021?
By Flux7 Labs
December 16, 2020

How Will SASE Change Networking in 2021?

READ MORE

Recent Posts

  • re:Invent Round-Up of AWS DevOps Announcements

  • How Will SASE Change Networking in 2021?

  • AWS re:Invent Machine Learning Round-Up

  • How to Publish Managed Images to the Azure Marketplace

  • AWS re:Invent News Round-Up

  • Shave Days off Azure Marketplace Publishing with Automated Testing

  • IT Modernization and DevOps News Week in Review 11.30.2020

  • How To: Multi-Cluster Monitoring in Amazon EKS

  • IT Modernization and DevOps News Week in Review 11.16.2020

  • When to Migrate from AWS Landing Zone to AWS Control Tower

Flux7
  • About Flux7
  • Contact Us
  • Careers at Flux7
  • Newsroom
  • Meet our Team
Services
  • Enable Software Innovation
  • Enforce Security and Compliance
  • Adopt Cloud
  • Cloud Migration Services
  • Secure the Cloud
Resources
  • Analysts Reports
  • Case Studies
  • White Papers
About Flux7

Flux7, an NTT DATA Company, helps enterprises reduce the complexities of new and evolving cloud automation strategies. Agile and DevOps-native, Flux7’s robust IT services portfolio prioritizes a fast path to ROI, is transformation focused and creates secure and stable pathways for operational excellence.

Follow Us
Flux7, an NTT DATA Company | All Rights Reserved | Privacy Policy