如何通过Ansible向AWS安全组添加标签?

时间:2014-12-26 22:27:41

标签: amazon-web-services ansible

我尝试通过Ansible管理AWS安全组,并希望为其添加标记。 有人能给我一个如何做到这一点的例子吗?

例如,我有一个安全组' test_security_group'我想添加一个标签' foo'到那个安全组。

根据Ansible文档,ec2_tag模块可以正常运行,但到目前为止,我还没有成功地将它用于安全组。

2 个答案:

答案 0 :(得分:14)

像这样:

- name: Create security group for app instances
  local_action:
    module: ec2_group
    name: "http-everywhere"
    description: "My Security Group"
    vpc_id: "vpc=abcd1234"
    region: "us-east-1"
    rules: 
      - proto: tcp
        from_port: 80
        to_port: 80
        cidr_ip: 0.0.0.0/0
  register: aws_sg

- name: Tag the security group with a name
  local_action:
    module: ec2_tag
    resource: "{{aws_sg.group_id}}"
    region: "us-east-1"
    state: present
    tags:
      Name: "My Security Group Name"
      env: "production"
      service: "web"

答案 1 :(得分:1)

从ansible 2.4开始,您可以直接指定标签

- name: Create ec2 security group
  ec2_group:
    name: SSH
    description: SSH
    vpc_id: "{{ default_vpc_id }}"
    region: "{{ aws_region }}"
    tags:
      Name: SSH
      Tag1: Value1
      Tag2: Value2
    rules:
      - proto: tcp
        ports:
          - 22
        cidr_ip: 0.0.0.0/0