Ansible – SSH into an AWS EC2 instance

Introduction

I was playing around with Ansible recently and I wanted to configure an AWS EC2 instance for a Python project I am working on.

I will not go into too many details about Ansible in this article. I just want to show you how to set up Ansible to SSH into your EC2 instance so you can configure it as you need.

Test EC2 Connection

Before going into Ansible, we want to make sure that we can connect to the EC2 instance from the host machine via SSH:

ssh -i my_ec2_key.pem ubuntu@my-ec2-host-or-ip

Note: the user name in my case is ubuntu as I am using an Ubuntu instance – yours might be different.

If you have problems accessing your instance, please refer to the AWS documentation.

Create Ansible User in EC2

This is an optional step as we can use the default EC2 user in Ansible as well, but I like creating a specific user for Ansible.

Generate ssh-key for your user

We’ll be needing this key pair to connect to the EC2 instance.

In the host environment, we will create an ssh-key that will be used for your Ansible user:

ssh-keygen -t rsa -C "your_email@example.com"

chmod 400 ~/.ssh/id_rsa

We can leave everything as default – a pair of private/public keys will be generated in ~/.ssh as id_rsa (the private key) and id_rsa.pub (the public key).

We need to copy the contents of the public key file, id_rsa.pub, which looks like this:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAudXEIP2qNrYDOVdS5T7ZB7...............  your_email@example.com

SSH into the EC2 instance

ssh -i my_ec2_key.pem ubuntu@my-ec2-host-or-ip

Create an Ansible user

$ sudo su -
$ adduser ansible

Add public key into authorized keys

$ sudo su -
$ cd /home/ansible
$ mkdir .ssh
$ cd .ssh
$ vi authorized_keys

Paste the public key contents that we generated earlier on the host environment into the authorized_keys file and save.
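
Because the steps above run as root, the .ssh directory and the authorized_keys file end up owned by root with root's default modes. The script below is an added example, not part of the original article: it performs the same key install, rejects anything that is not a single public key line, and sets the conventional 700/600 modes and ownership explicitly. The function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: install one public key for a dedicated account with
# explicit ownership and modes. Function names are illustrative.
# Usage, as root on the instance:
#   install_authorized_key /home/ansible "$(cat id_rsa.pub)" ansible

# Succeeds only for a single-line OpenSSH public key with no options prefix
# (so a pasted line cannot carry command="..." or a second key).
is_pubkey_line() {
    case $1 in *"
"*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$'
}

# install_authorized_key HOME_DIR KEY_LINE [OWNER]
# Runs in a subshell "( ... )" so umask and variables do not leak to the caller.
install_authorized_key() (
    home_dir=$1
    key_line=$2
    owner=${3:-}
    ssh_dir=$home_dir/.ssh
    auth_file=$ssh_dir/authorized_keys

    if ! is_pubkey_line "$key_line"; then
        echo "refusing: not a single OpenSSH public key line" >&2
        exit 2
    fi

    umask 077    # new files are never group/world accessible
    mkdir -p "$ssh_dir" && touch "$auth_file" || exit 1
    # Idempotent: append only when this exact line is not already present.
    if ! grep -qxF -- "$key_line" "$auth_file"; then
        printf '%s\n' "$key_line" >> "$auth_file" || exit 1
    fi
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file" || exit 1
    # Only root can hand the files to the login account; skipped otherwise.
    # Assumes a group named like the user, as Ubuntu's adduser creates.
    if [ -n "$owner" ] && [ "$(id -u)" -eq 0 ]; then
        chown -R "$owner:$owner" "$ssh_dir" || exit 1
    fi
)
```

Running it a second time with the same key leaves authorized_keys unchanged, so it is safe to re-run.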

Test Connection

Going back to the host environment, we can test the SSH connection to the EC2 instance using the ansible user that we just created:

ssh -i ~/.ssh/id_rsa ansible@your-ec2-host-or-ip

Note: We need to pass the newly created private SSH key to connect, not the one that we previously used to connect as the ubuntu user.

Ansible Inventory

In the host environment – let’s create the Ansible inventory.

For this example, I am not going to use the default Ansible inventory file /etc/ansible/hosts, but I will create one of my own:

~/ansible-test/aws$ vi inventory_aws

[aws]
my-ec2-hostname-or-ip ansible_user=ansible ansible_ssh_private_key_file=/home/ivl/.ssh/id_rsa

Or we can also use vars in the inventory file:

~/ansible-test/aws$ vi inventory_aws

[aws]
my-ec2-hostname-or-ip

[aws:vars]
ansible_user=ansible
ansible_ssh_private_key_file=/home/ivl/.ssh/id_rsa

Either way of configuring the inventory file works – choose whichever you prefer.

Ansible Test

Let’s create a simple Ansible Playbook with a debug message so we can test our connection to EC2:

~/ansible-test/aws$ vi test-aws.yaml

---
  - hosts: aws
    tasks:
      - debug: msg="Ansible is working!"

Execute the playbook:

~/ansible-test/aws$ ansible-playbook -i inventory_aws test-aws.yaml

PLAY [aws] *************************************************************************************************

TASK [Gathering Facts] *************************************************************************************
ok: [my-ec2-hostname-or-ip]

TASK [debug] ***********************************************************************************************
ok: [my-ec2-hostname-or-ip] => {
    "msg": "Ansible is working!"
}

PLAY RECAP *************************************************************************************************
my-ec2-hostname-or-ip : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Awesome, it works!

Conclusions

This example of how to use Ansible with an EC2 instance works well if we have a static inventory, for example when we’re developing something small on an AWS EC2 instance and we want to configure it via Ansible.

You can check Dynamic Inventories if you have hosts spinning up or shutting down in response to business demands.

Happy coding!

Resources and further reading

Dynamic Inventories

Ansible for AWS

Ansible AWS EC2 Module

Ionut Adrian Vladu
