# Ansible

## Overview

The current state of art creates ad-hoc mechanisms to manage secrets, pass data, collect logs, and manage users for which the playbooks are being developed.

Using the Fylamynt | Ansible integration you can run your playbooks in a secure environment where the team workload can be orchestrated seamlessly.

## Use Cases

The integration between Fylamynt and Ansible lets you:

* Execute an Ansible playbook from your S3 bucket and collect logs.
* Centrally manage the SSH keys used by Ansible to connect with target VMs to execute commands.
* Monitor execution status and pair it with other integration actions that Fylamynt offers. For example, the execution status can be passed to a conditional node which branches out to either sending a Slack message or create a JIRA issue.

## Configure Ansible in Fylamynt

* Navigate to **Settings** > **Integrations** > **Ansible**.
* Configure a new integration instance.

Details needed to set up **Ansible instance** in **Fylamynt**:

<table data-header-hidden><thead><tr><th>Parameter</th><th width="385.40287769784175">Description</th><th>Required</th></tr></thead><tbody><tr><td><strong>Parameter</strong></td><td>Description</td><td><strong>Required</strong></td></tr><tr><td>Playbooks (S3 bucket with playbooks directory)</td><td>The Ansible directory hierarchy is expected to be available in an S3 bucket with Ansible playbooks. </td><td>True</td></tr><tr><td>S3 Access Role (Fylamynt IAM role for bucket policy in target account)</td><td>To enable cross-account access to the S3 bucket.</td><td>True</td></tr><tr><td>Logs (S3 bucket for execution logs)</td><td>The output of a run will be uploaded to the same bucket, or an optional S3 bucket for log files.</td><td>False</td></tr><tr><td>SSH Private Key (Ansible Controller Private ssh key)</td><td><p>Access to these resources needs to be granted by following the instructions below. A SSH private key that allows access to the managed nodes needs to be provided.</p><p></p></td><td>True</td></tr></tbody></table>

Follow the steps listed below in your **AWS Account** and get the desired parameters to enter in **Fylamynt**.

* Login to the **AWS console**
* Enable cross-account access to the S3 bucket with Ansible playbooks and the optional S3 bucket for log files:

<div align="center"><img src="/files/-Ma2LZrkqsjS7DoH4cVj" alt=""></div>

* Paste the value for **Principal** from the right pane into the green Principal field for the **Bucket policy**. The red Resource field should have entries for the bucket and the objects within.

The policy for a single bucket or the optional S3 bucket for log files should be:

![](/files/-Ma2MFQkD_zE3on8LFRy)

A more restrictive policy for a separate S3 bucket with Ansible playbooks can be:

![](/files/-Ma2McOjL0EZ-0MU90Ad)

## Integration Actions

You can add these actions in the Fylamynt workflow builder, as part of your workflow.

1. [Ansible Run Playbook](#ansible-run-playbook)

### Ansible Run Playbook

This action launches a playbook with Ansible.

**Input**

| Parameter Name | Description                                                                                  | Required |
| -------------- | -------------------------------------------------------------------------------------------- | -------- |
| playbook       | The name of the playbook to be run                                                           | True     |
| hosts          | A list of target hosts for the Ansible playbook run, or the name of the inventory YAML file. | True     |
| alias          | The target account for the run                                                               | True     |
| user           | The user on the remote system, defaults to admin                                             | False    |
| extra\_args    | Any extra arguments to be passed to the ansible-playbook command                             | False    |

**Output**

| Parameter Name | Type   | Description                                       |
| -------------- | ------ | ------------------------------------------------- |
| task\_arn      | String | The ARN for the task running the job.             |
| task\_status   | String | The task status when the action returns           |
| log\_bucket    | String | The S3 bucket in which the log file will be saved |
| log\_key       | String | The file name for the log.                        |

**Action Example**

![](/files/-MaFbB7IvFSbE27yjwgr)

![](/files/-MaFbDBg_zsaB6ajiwOk)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fylamynt.com/integrations/ansible.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
Parameter	Description	Required
Parameter	Description	Required
Playbooks (S3 bucket with playbooks directory)	The Ansible directory hierarchy is expected to be available in an S3 bucket with Ansible playbooks.	True
S3 Access Role (Fylamynt IAM role for bucket policy in target account)	To enable cross-account access to the S3 bucket.	True
Logs (S3 bucket for execution logs)	The output of a run will be uploaded to the same bucket, or an optional S3 bucket for log files.	False
SSH Private Key (Ansible Controller Private ssh key)	Access to these resources needs to be granted by following the instructions below. A SSH private key that allows access to the managed nodes needs to be provided.	True