我尝试通过Ansible管理AWS安全组,并希望为其添加标记。 有人能给我一个如何做到这一点的例子吗?
例如,我有一个安全组' test_security_group'我想添加一个标签' foo'到那个安全组。
根据Ansible文档,ec2_tag模块可以正常运行,但到目前为止,我还没有成功地将它用于安全组。
答案 0 :(得分:14)
像这样:
- name: Create security group for app instances
local_action:
module: ec2_group
name: "http-everywhere"
description: "My Security Group"
vpc_id: "vpc=abcd1234"
region: "us-east-1"
rules:
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
register: aws_sg
- name: Tag the security group with a name
local_action:
module: ec2_tag
resource: "{{aws_sg.group_id}}"
region: "us-east-1"
state: present
tags:
Name: "My Security Group Name"
env: "production"
service: "web"
答案 1 :(得分:1)
从ansible 2.4开始,您可以直接指定标签
- name: Create ec2 security group
ec2_group:
name: SSH
description: SSH
vpc_id: "{{ default_vpc_id }}"
region: "{{ aws_region }}"
tags:
Name: SSH
Tag1: Value1
Tag2: Value2
rules:
- proto: tcp
ports:
- 22
cidr_ip: 0.0.0.0/0