How to use Ansible on a local workstation with Amazon AWS

To connect to Amazon AWS you need to use a key. Usually that key is protected with a passphrase. Because it is not possible to use Ansible with a passphrase-protected key, some configuration is necessary.

I assume you are logging in to AWS with a PuTTY ppk key. First we need to convert the PuTTY ppk file into a format that OpenSSH understands. The result will be copied to ~/.ssh/.

puttygen mykeypair-eu-ie-sec.ppk -O private-openssh -o mykeypair-eu-ie-sec
puttygen mykeypair-eu-ie-sec.ppk -O public-openssh -o mykeypair-eu-ie-sec.pub
mv ~/mykeypair-eu-ie-sec* ~/.ssh/
chmod 600 ~/.ssh/mykeypair-eu-ie-sec
chmod 664 ~/.ssh/mykeypair-eu-ie-sec.pub

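Now edit or create the ~/.ssh/config file. ForwardAgent yes lets the server use the key loaded in your local agent for onward SSH connections, so keep it scoped to this one Host entry: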

Host myserver.eu-west-1.compute.amazonaws.com
  ForwardAgent yes
  IdentityFile ~/.ssh/mykeypair-eu-ie-sec

Next load the key in memory so that Ansible doesn’t have to ask for the passphrase of the key.

ssh-agent bash
ssh-add -L
ssh-add ~/.ssh/mykeypair-eu-ie-sec

Now you can use your local Ansible with servers on Amazon AWS.
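A preflight check for the setup above, as an added example that is not part of the original post: it verifies the private key mode, confirms the key's fingerprint is loaded in the agent, and warns if ForwardAgent yes is enabled for a wildcard Host. The function names are hypothetical, and the config check reads only Host blocks (Match blocks are not parsed).

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Function names are hypothetical.

# 0 if the private key is accessible by its owner only (ssh rejects looser modes).
key_mode_ok() {
    local mode
    # GNU stat first, then the BSD/macOS form.
    mode=$(stat -c '%a' "$1" 2>/dev/null) || mode=$(stat -f '%Lp' "$1" 2>/dev/null) || return 2
    case "$mode" in 600|400) return 0 ;; *) return 1 ;; esac
}

# 0 if fingerprint $1 is listed in `ssh-add -l` output passed as text in $2.
agent_has_key() {
    printf '%s\n' "$2" |
        awk -v fp="$1" 'fp != "" && $2 == fp { found = 1 } END { exit !found }'
}

# Print each wildcard Host pattern in ssh_config text ($1) that enables agent
# forwarding. Options placed before the first Host line apply to every host,
# so they are reported as "*".
wildcard_forwarding() {
    printf '%s\n' "$1" | awk '
        BEGIN { pat = "*" }
        tolower($1) == "host" {
            pat = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", pat)   # drop the Host keyword
            sub(/[ \t]+$/, "", pat)                # drop trailing blanks
        }
        tolower($1) == "forwardagent" && tolower($2) == "yes" && pat ~ /[*?]/ { print pat }'
}

# Run all checks against a real key, agent and ~/.ssh/config.
preflight() {
    local key=$1 fp
    key_mode_ok "$key" || { echo "fix: chmod 600 $key" >&2; return 1; }
    fp=$(ssh-keygen -lf "$key.pub" | awk '{ print $2 }')
    agent_has_key "$fp" "$(ssh-add -l 2>/dev/null)" ||
        { echo "fix: ssh-add $key" >&2; return 1; }
    [ -z "$(wildcard_forwarding "$(cat ~/.ssh/config 2>/dev/null)")" ] ||
        echo "warning: ForwardAgent yes is enabled for a wildcard Host" >&2
}

# Usage, after sourcing this file in the shell started by `ssh-agent bash`:
#   preflight ~/.ssh/mykeypair-eu-ie-sec && ansible all -m ping
```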

References:
– https://developer.github.com/v3/guides/using-ssh-agent-forwarding/