Ansible Project: Automate EC2 Instance Lifecycle on AWS

Objective
This project automates:
- Creating EC2 instances using loops
- Setting up password-less SSH between the Ansible control node and the EC2 instances
- Shutting down only Ubuntu instances using Ansible conditionals
Prerequisites
Before starting this project, ensure you have the following:
- Ansible installed on your control node (Ubuntu/Linux preferred)
- An AWS account with access credentials (Access Key ID & Secret Key)
- An IAM user with permissions to create EC2 instances
- Ansible collections:
ansible-galaxy collection install amazon.aws
- AWS CLI configured on the control node:
aws configure
- A valid AWS key pair (.pem) for SSH access
- Basic understanding of writing Ansible playbooks
- Control node (local machine or EC2 instance) with the AWS CLI configured and the Python packages boto, boto3 and botocore:
sudo apt update && sudo apt install -y ansible python3-pip
pip install boto boto3 botocore
Setup Vault:
1. Create a password for vault:
openssl rand -base64 2048 > vault.pass
2. Add your AWS credentials using the below vault command:
# To create
ansible-vault create group_vars/all/pass.yml --vault-password-file vault.pass
# To edit
ansible-vault edit group_vars/all/pass.yml --vault-password-file vault.pass
Project Structure
ansible-ec2-project/
├── group_vars/
│   └── all/
│       └── pass.yml      ← Encrypted using Ansible Vault
├── ec2_create.yml        ← Creates EC2 instances
├── ec2_stop.yml          ← Stops only Ubuntu EC2 instances
├── inventory.ini         ← Contains public IPs of instances
├── vault.pass            ← DO NOT COMMIT!
└── .gitignore            ← Prevents leaking secrets
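A check you can run before each commit to confirm the layout above actually protects the secrets. This is an added example, not part of the original project: the function name check_vault_hygiene and the simplified literal .gitignore match are assumptions, while the `$ANSIBLE_VAULT;` header is what Ansible Vault writes at the top of every file it encrypts.

```shell
#!/bin/sh
# Added example: audit the project directory for vault secret hygiene.
# Usage: sh check_vault_hygiene.sh <project_dir>

check_vault_hygiene() {
    dir=$1
    findings=0

    # 1. The vault password file must be readable by its owner only.
    if [ -f "$dir/vault.pass" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -ld "$dir/vault.pass" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "FAIL vault.pass is accessible to group/other (fix: chmod 600 vault.pass)"
            findings=$((findings + 1))
        fi
    fi

    # 2. .gitignore must name vault.pass (literal match only; a simplification
    #    of git's pattern rules, assumed sufficient for this flat layout).
    if ! grep -qxE '/?vault\.pass' "$dir/.gitignore" 2>/dev/null; then
        echo "FAIL vault.pass is not listed in .gitignore"
        findings=$((findings + 1))
    fi

    # 3. The credentials file must be vault ciphertext, which always starts
    #    with the "$ANSIBLE_VAULT;" header, never plaintext YAML.
    secrets="$dir/group_vars/all/pass.yml"
    if [ -f "$secrets" ]; then
        first_line=$(head -n 1 "$secrets")
        case $first_line in
            '$ANSIBLE_VAULT;'*) ;;
            *)
                echo "FAIL group_vars/all/pass.yml is not vault-encrypted"
                findings=$((findings + 1))
                ;;
        esac
    else
        echo "FAIL group_vars/all/pass.yml is missing"
        findings=$((findings + 1))
    fi

    [ "$findings" -eq 0 ] && echo "OK no findings"
    return "$findings"
}

if [ "$#" -gt 0 ]; then check_vault_hygiene "$1"; fi
```

The exit status is the number of findings, so the script can gate a Git pre-commit hook or a CI step directly.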
Project Setup
Task 1: Create 3 EC2 Instances using Ansible Loops
Create a playbook ec2_create.yml
---
- hosts: localhost
  connection: local
  tasks:
    - name: create EC2 instances
      amazon.aws.ec2_instance:
        name: "{{ item.name }}"
        key_name: "ansible_begin"
        instance_type: t2.micro
        security_group: default
        region: us-east-1
        aws_access_key: "{{ ec2_access_key }}"
        aws_secret_key: "{{ ec2_secret_key }}"
        network:
          assign_public_ip: true
        image_id: "{{ item.image }}"
      loop:
        - { image: "ami-084568db4383264d4", name: "ansible-ec2-1" }
        - { image: "ami-084568db4383264d4", name: "ansible-ec2-2" }
        - { image: "ami-0e449927258d45bc4", name: "ansible-ec2-3" }
Run the playbook:
ansible-playbook ec2_create.yml --vault-password-file vault.pass
Note down the public IPs and add them to inventory.ini:
[all]
ec2-user@<PUBLIC_IP_OF_AMAZON_LINUX_EC2>
ubuntu@<PUBLIC_IP_OF_UBUNTU_EC2-1>
ubuntu@<PUBLIC_IP_OF_UBUNTU_EC2-2>
Task 2: Set Up Password-less SSH Authentication
Using Public Key
ssh-copy-id -f "-o IdentityFile <PATH TO PEM FILE>" ubuntu@<INSTANCE-PUBLIC-IP>
- ssh-copy-id: This is the command used to copy your public key to a remote machine.
- -f: This flag forces the copying of keys, which can be useful if you have keys already set up and want to overwrite them.
- "-o IdentityFile <PATH TO PEM FILE>": This option specifies the identity file (private key) to use for the connection. The -o flag passes this option to the underlying ssh command.
- ubuntu@<INSTANCE-PUBLIC-IP>: This is the username (ubuntu) and the IP address of the remote server you want to access.
Task 3: Shutdown Ubuntu Instances Only Using Conditionals
Create a playbook ec2_stop.yml
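---
- hosts: all
  become: true
  tasks:
    - name: Shutdown ubuntu instances only
      # -h now halts the machine immediately; -t expects a number of seconds, not "now"
      ansible.builtin.command: /sbin/shutdown -h now
      # Ubuntu reports the Debian OS family; Amazon Linux does not, so it is skipped
      when: ansible_os_family == "Debian"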
Run the playbook:
ansible-playbook -i inventory.ini ec2_stop.yml --vault-password-file vault.pass
Finally, don't forget to terminate your EC2 instances after completing the project.
Screenshots
- Creating an IAM user named ansible_admin with permission to create EC2 instances
- Creation of EC2 instances after running the ec2_create.yml file, with the Ansible output
- Shutting down only Ubuntu instances after running the ec2_stop.yml file
Written by Sachidananda S V
