A spin off from Ansible SSH bastion host for dynamic infrastructure in AWS, this post documents how to gather EC2 instance SSH public key from the AWS System Log. background For a while I was stumped at how to deal with AWS, AMIs and SSH fingerprints/public keys. Initially, it was through pre-baked AMIs. But what if pre-baking AMIs isn’t realistic? Or the AMIs are baked without SSH host keys generated and aren’t known?

I use AWS infrastructure as a service (IaaS) heavily, both personally and professionally. I have a slew of all different types of instances, doing different types of things. In many cases, I’ll want backups; basically, AWS snapshots. I needed a way to quickly create and manage backups through the use of AWS snapshots in an automated fashion. Sounds like a job for Ansible - and that’s exactly what I did. I wrote a playbook to handle all of this management.

overview I’ve been thinking about dynamic inventories and Ansible, especially when using AWS. One major difference between static IT infrastructures and dynamic AWS infrastructures is that IP addresses may change, instances may be terminated, and things just flat out change. Your resources are a moving target. Finding those instances/servers/VMs is the first step in managing your inventory. Ansible has a great tool for this, “ec2.py”. It basically pulls information on instances in AWS at runtime (as -i .