Run Ansible playbooks using Terraform.
resource "ansible_navigator_run" "webservers_example" {
playbook = <<-EOT
- name: Example
hosts: webservers
tasks:
- name: Install nginx
ansible.builtin.package:
name: nginx
EOT
inventory = yamlencode({
webservers = {
hosts = {
a = { ansible_host = "webserver-a.example.com" }
}
}
})
}
data "ansible_navigator_run" "uptime_example" {
playbook = <<-EOT
- name: Example
hosts: all
EOT
inventory = yamlencode({})
artifact_queries = {
"uptimes" = {
jq_filter = <<-EOT
[.plays[] | select(.name=="Example") | .tasks[] | select(.task=="Gathering Facts") |
{host: .host, uptime_seconds: .res.ansible_facts.ansible_uptime_seconds }]
EOT
}
}
}
output "uptimes" {
value = jsondecode(data.ansible_navigator_run.uptime_example.artifact_queries.uptimes.results[0])
}- Run Ansible playbooks against Terraform managed infrastructure (without the
local-execprovisioner). Eliminates the need for additional scripting or pipeline steps. - Construct Ansible inventories using other data sources and resources. Set Ansible host and group variables to values and secrets from other providers.
- Utilize Ansible execution environments (containers images) to customize and run the Ansible software stack. Isolate Ansible and its related dependencies (Python/System packages, collections, etc) to simplify pipeline and workstation setup.
- Write
jqqueries against playbook artifacts. Extract values from the playbook run for use elsewhere in the Terraform configuration. Examples include: Ansible facts, remote file contents, task results -- the possibilities are endless! - Control playbook re-run behavior using several "lifecycle" options, including an attribute for running the playbook on resource destruction. Implement conditional tasks with the environment variable
ANSIBLE_TF_OPERATION. - Access the previous run's inventory via the
ANSIBLE_TF_PREVIOUS_INVENTORYenvironment variable. This enables advanced use cases like comparing inventories to manage upgrades, mitigate configuration drift, or perform cleanup tasks on removed hosts. - Connect to hosts securely by specifying SSH private keys and known host entries. No need manage
~/.sshfiles or setupssh-agentin the environment which Terraform runs.
Warning
Windows builds of this provider are unlikely to work. Bug reports and PRs are welcome.
Warning
All versions released prior to v1.0.0 are to be considered breaking changes.
| Release | Ansible Navigator | Terraform |
|---|---|---|
| < v1.0.0 | >= 25.4.0 | >= 1.11.0 |
- Clone the repository
- Enter the repository directory
- Build the provider using the Go
installcommand:
go installThis provider uses Go modules. Please see the Go documentation for the most up to date information about using Go modules.
To add a new dependency github.com/author/dependency to your Terraform provider:
go get github.com/author/dependency
go mod tidyThen commit the changes to go.mod and go.sum.
If you wish to work on the provider, you'll first need Go installed on your machine (see Requirements above).
To compile the provider, run go install. This will build the provider and put the provider binary in the $GOPATH/bin directory.
To generate or update documentation, run make docs.
In order to run the full suite of Acceptance tests, run make test/acc.
Note: Acceptance tests create real resources, and often cost money to run.
make test/acc