Ansible
Use the Ansible integration to execute Ansible playbooks in a secure and centrally managed environment.
Last updated
Use the Ansible integration to execute Ansible playbooks in a secure and centrally managed environment.
Last updated
The current state of art creates ad-hoc mechanisms to manage secrets, pass data, collect logs, and manage users for which the playbooks are being developed.
Using the Fylamynt | Ansible integration you can run your playbooks in a secure environment where the team workload can be orchestrated seamlessly.
The integration between Fylamynt and Ansible lets you:
Execute an Ansible playbook from your S3 bucket and collect logs.
Centrally manage the SSH keys used by Ansible to connect with target VMs to execute commands.
Monitor execution status and pair it with other integration actions that Fylamynt offers. For example, the execution status can be passed to a conditional node which branches out to either sending a Slack message or create a JIRA issue.
Navigate to Settings > Integrations > Ansible.
Configure a new integration instance.
Details needed to set up Ansible instance in Fylamynt:
Follow the steps listed below in your AWS Account and get the desired parameters to enter in Fylamynt.
Login to the AWS console
Enable cross-account access to the S3 bucket with Ansible playbooks and the optional S3 bucket for log files:
Paste the value for Principal from the right pane into the green Principal field for the Bucket policy. The red Resource field should have entries for the bucket and the objects within.
The policy for a single bucket or the optional S3 bucket for log files should be:
A more restrictive policy for a separate S3 bucket with Ansible playbooks can be:
You can add these actions in the Fylamynt workflow builder, as part of your workflow.
This action launches a playbook with Ansible.
Input
Output
Action Example
Parameter
Description
Required
Playbooks (S3 bucket with playbooks directory)
The Ansible directory hierarchy is expected to be available in an S3 bucket with Ansible playbooks.
True
S3 Access Role (Fylamynt IAM role for bucket policy in target account)
To enable cross-account access to the S3 bucket.
True
Logs (S3 bucket for execution logs)
The output of a run will be uploaded to the same bucket, or an optional S3 bucket for log files.
False
SSH Private Key (Ansible Controller Private ssh key)
Access to these resources needs to be granted by following the instructions below. A SSH private key that allows access to the managed nodes needs to be provided.
True
Parameter Name
Description
Required
playbook
The name of the playbook to be run
True
hosts
A list of target hosts for the Ansible playbook run, or the name of the inventory YAML file.
True
alias
The target account for the run
True
user
The user on the remote system, defaults to admin
False
extra_args
Any extra arguments to be passed to the ansible-playbook command
False
Parameter Name
Type
Description
task_arn
String
The ARN for the task running the job.
task_status
String
The task status when the action returns
log_bucket
String
The S3 bucket in which the log file will be saved
log_key
String
The file name for the log.
