Using Ansible With AWS – Creating EC2 Instances (AWS / Ansible)

Ansible AWS EC2 Instance Creation
~ Geek_Dude

So far most of my Ansible blog posts have been deploying or configuring local devices (i.e. normally one of my Raspberry Pis), but the whole idea of Ansible is that it can build whole infrastructures as code (well, YAML files in my incase). The best place to see infrastructure as code is the cloud and in this blog post I am going to look at using Ansible with AWS.

Note: There are other cloud providers available, but I like AWS and currently have some free credit with them.

I have broken my blog post down into headings, so if you do not need to know what I am using, have been using AWS for a while, already have AWS CLI configured etc.. then please feel free to skip those sections.

What I Am Using

I’m going to be running Ansible on my trusty Raspberry Pi 4 running Raspberry Pi OS (32-bit). However, this project should be able to be completed on any device capable of running:

  • Python 3
  • AWS CLI
  • Boto / Boto 3
  • Ansible

Pre-Tasks (AWS)

For anyone following along I’m going to assume you already have an AWS account, if not then head over to aws.amazon.com and you can sign up for one. I am going to assume that you have some AWS knowledge, e.g. that you can already create EC2 instances from within the AWS Management Console web pages.

I would recommend creating a new user in your AWS account for this project i.e. please do not use your AWS root account. The new user does not need Management Console access, needs to use CLI/SDK access (it will generate an access key and secret access key – keep both safe) and the user should be limited to EC2 permissions (e.g. creating EC2 instances).

Make a note of the key-pair you want to use with your EC2 instances (EC2 pages>Key Pairs), if you do not already have one then please create one and keep the private key file somewhere very safe.

If you do not have a preferred security group set up, then please create one (EC2 pages>Security Groups). The Security Group defines what can access resources within it.

Also please make a note of the region you use AWS within.

To recap:

  • Do not use the AWS root account
  • You need the access key and secret access key of the user you are going to use
  • You need the private key file and key name so that you can later SSH into the instance
  • Note your region and security group name

Installations (Local Device)

With the AWS bits out of the way, it’s time to look at what is needed on the local device (e.g. the device you are going to run the commands from). I’m running these on the Pi (Linux) if you are using a different operating system make sure to use an equivalent command.

  • Python3
    Can be installed using sudo apt install python3

    Check its installed using python3 --version
  • Ansible
    Can be installed using pip3 install ansible, if you don’t have pip3 try sudo apt install pip3 first

    Check its installed using ansible --version
  • Boto / Boto3
    Can be installed using pip3 install boto boto3
  • AWS CLI
    The AWS pages give some options for this but it failed on my Pi (using the ARM options). So I used sudo apt-get install awscli

    Check its installed using aws --version

Configuration (Local Device)

The AWS CLI requires some configuration. Type:

aws configure

and then prepare to enter:

AWS Access Key ID

AWS Secret Access Key

Default region name 

Default output format 

The default regions can be found at: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html and my preferred output type is json.

The Ansible modules will automatically read this configuration so that it does not need to be saved in variables or as text in the playbooks. Just make sure the AWS config has been configured for the user running the Ansible commands/playbooks.

Creating An EC2 Instance (Ansible Playbook)

With all the above in place the Ansible ec2 module can be used to create an EC2 instance.

Ansible AWS EC2 Instance Creation
Ansible AWS EC2 Instance Creation

The playbook for this can be found on my GitHub at: https://github.com/geektechdude/AWS_Ansible_Playbooks , it’s called “create_ec2_instance_basic.yml

---
    - hosts: localhost 
      tasks:

    - name: Create AWS EC2 Instance
      ec2:
        key_name: keyname_here
        instance_type: t2.micro
        image: ami-032598fcc7e9d1c7a
        wait: yes
        group: default
        count: 1
        region: eu-west-2

key_name is the key_pair name of the SSH key to use with the instance.

instance_type is the type of EC2 instance that is to be created. AWS maintains a list of the instance types at https://aws.amazon.com/ec2/instance-types/

image is the Amazon Machine Image reference that is to be created. In my example I’ve used an AWS Linux2 AMI.

wait tells Ansible to wait for brief period of time before proceeding, to give AWS time to create the EC2 instance.

group is the name of the security group that the EC2 instance will attach to. In my example I’ve used my security group called default.

count is how many instances of this type to create.

region is the region to create the instances in.

Published by Geek_Dude

I'm a tech enthusiast that enjoys science, science fiction, comics and video games - pretty much anything geeky.

One thought on “Using Ansible With AWS – Creating EC2 Instances (AWS / Ansible)

  1. Pingback: Using Ansible with AWS – Creating Multiple EC2 Instances, Tagging Them and ELK (AWS/Ansible) – Geek Tech Stuff

Comments are closed.