securely gathering SSH public keys from the AWS System Log

A spin off from Ansible SSH bastion host for dynamic infrastructure in AWS, this post documents how to gather EC2 instance SSH public key from the AWS System Log. background For a while I was stumped at how to deal with AWS, AMIs and SSH fingerprints/public keys. Initially, it was through pre-baked AMIs. But what if pre-baking AMIs isn’t realistic? Or the AMIs are baked without SSH host keys generated and aren’t known?
automated AWS snapshot with Ansible

automated AWS snapshot with Ansible

I use AWS infrastructure as a service (IaaS) heavily, both personally and professionally. I have a slew of all different types of instances, doing different types of things. In many cases, I’ll want backups; basically, AWS snapshots. I needed a way to quickly create and manage backups through the use of AWS snapshots in an automated fashion. Sounds like a job for Ansible - and that’s exactly what I did.
Ansible stuffs - using ec2_remote_facts instead of ec2.py

Ansible stuffs - using ec2_remote_facts instead of ec2.py

overview I’ve been thinking about dynamic inventories and Ansible, especially when using AWS. One major difference between static IT infrastructures and dynamic AWS infrastructures is that IP addresses may change, instances may be terminated, and things just flat out change. Your resources are a moving target. Finding those instances/servers/VMs is the first step in managing your inventory. Ansible has a great tool for this, “ec2.py”. It basically pulls information on instances in AWS at runtime (as -i .