• DevOps Engineer, Anki.
• Sysadmin for about 16 years.
• I will automate as much as I possibly can.
What are we talking about today?
• How you can use Ansible to provision an AWS infrastructure on the fly
without having to use separate tools. (CloudFormation, Terraform,
• Leveraging Ansible Filters so that you can use names instead of ARNs
(Amazon Resource Identifiers)
• Organize your roles and group_vars for code reusability.
Tags are how to find all the things.
• At least create the Name tag.
• PLEASE CREATE THE NAME TAG.
• Maybe create a tag for the following:
• service (super-fast-web-app, file-parser, or whatever you name
• environment (production, development, etc.)
Do not hard-code IDs or ARNs if you want to do the following…
• Deploy a new VPC without using other tools.
• Deploy all of your services and their dependencies with one playbook.
• Not look in the aws console for that elusive
• Not pollute your beautiful playbooks with
identifiers that do not make any sense.
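A sketch of the name-instead-of-ID idea as an Ansible filter plugin. This is an added example, not the code from the talk or its repository: the file name, the `id_by_name` filter, the `AmbiguousNameError` class and the sample data are all hypothetical, and the input is assumed to be the list of resources registered from an earlier info task. It refuses to guess when a Name tag matches zero or several resources, so a playbook cannot silently act on the wrong environment.

```python
"""Hypothetical filter plugin, e.g. filter_plugins/aws_names.py (added example)."""


class AmbiguousNameError(ValueError):
    """A Name tag matched zero or several resources.

    A real plugin would normally raise ansible.errors.AnsibleFilterError;
    a plain exception keeps this example importable without Ansible.
    """


def _tags(resource):
    # AWS API responses carry tags as [{"Key": k, "Value": v}]; this example
    # also accepts a plain dict under "tags". Both shapes are normalised here.
    raw = resource.get("tags", resource.get("Tags")) or {}
    if isinstance(raw, list):
        return {t["Key"]: t["Value"] for t in raw}
    return raw


def id_by_name(resources, name, id_key="id", **required_tags):
    """Return the id of the single resource whose Name tag equals `name`.

    Extra keyword arguments (for example environment="production") must match
    too. Playbook usage would look like:
      {{ vpc_info.vpcs | id_by_name('main', environment='production') }}
    """
    wanted = dict(required_tags, Name=name)
    matches = [
        r for r in resources
        if all(_tags(r).get(k) == v for k, v in wanted.items())
    ]
    if len(matches) != 1:
        raise AmbiguousNameError(
            "expected exactly 1 resource tagged %r, found %d" % (wanted, len(matches))
        )
    return matches[0][id_key]


class FilterModule(object):
    """Ansible discovers custom filters through this class."""

    def filters(self):
        return {"id_by_name": id_by_name}


# Constructed sample data; the ids and tag values are made up.
SAMPLE_VPCS = [
    {"id": "vpc-0aaa", "tags": {"Name": "main", "environment": "production"}},
    {"id": "vpc-0bbb", "tags": {"Name": "main", "environment": "development"}},
    {"id": "vpc-0ccc", "Tags": [{"Key": "Name", "Value": "legacy"}]},
]
```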
Organize your roles, for code reusability.
• Use include in your tasks. You do not have to write a story in
• Create a folder in tasks just for your aws resources. You should not
have to write the same code over and over again.
group_vars/ is your friend
• Set the baseline settings in
• Set the standard service settings in
• Override any of the service variables on a per environment basis.
Keep tasks as clean as possible.
• Use AWS Tags. Without tags, you are a lost puppy.
• Ansible Filters are your friends.
• Stop hard coding IDs and ARNs.
• Use group_vars/ to your advantage.
• Organize your roles for reusability.
• Do not write novels in your tasks.
• You can view the examples on GitHub.