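---
# Writes an AWS CLI configuration (.aws/config and .aws/credentials) below the
# HOME directory reported for localhost, taking the access key pair from an
# Ansible Vault file.
#
# The Ansible Vault has to be created beforehand:
#
#   ansible-vault create aws_credentials.yml
#
# with the following content:
#   ---
#   AWS_ACCESS_ID: 'YourAWSAccessID'
#   AWS_ACCESS_KEY: 'YourAWSSecretKey'
#
# The vault password should also be read from a file, e.g.:
#   /root/vault_pw
# Keep that file readable by its owner only (mode 0600) and out of version
# control; pass it to ansible-playbook with
# `--vault-password-file /root/vault_pw`.
#
- name: Setup AWS environment using Ansible Vault
  hosts: localhost
  # ansible_env is a gathered fact. With fact gathering switched off (and no
  # fact cache) the "{{ ansible_env.HOME }}" paths below are undefined, so
  # gathering has to stay enabled for this play.
  gather_facts: true

  vars_files:
    - aws_credentials.yml

  tasks:
    - name: Create .aws directory
      file:
        path: "{{ ansible_env.HOME }}/.aws"
        state: directory
        # The directory holds the credentials file: owner-only access.
        mode: '0700'

    - name: Set AWS region config
      copy:
        dest: "{{ ansible_env.HOME }}/.aws/config"
        content: |
          [default]
          region = eu-central-1
        # Contains no secret, only the default region.
        mode: '0640'

    - name: Set AWS credentials from Vault
      copy:
        dest: "{{ ansible_env.HOME }}/.aws/credentials"
        content: |
          [default]
          aws_access_key_id = {{ AWS_ACCESS_ID }}
          aws_secret_access_key = {{ AWS_ACCESS_KEY }}
        # Secret key material: readable and writable by the owner only.
        mode: '0600'
      # Keep the decrypted key pair out of task output, --diff and logs.
      no_log: true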