Retrieve EC2 instance data for minions for ec2_tags and ec2_tags_list
The minion id must be the AWS instance-id or value in
Name to have the minion-id matched against
the tag 'Name'. The tag contents must be unique. The value of
tag_match_value can be 'uqdn' or 'asis'. if 'uqdn', then the domain will be
stripped before comparison.
use_grain option can be set to
True. This allows the
use of an instance-id grain instead of the minion-id. Since this is a potential
security risk, the configuration can be further expanded to include a list of
minions that are trusted to only allow the alternate id of the instances to
specific hosts. There is no glob matching at this time.
It is important to also note that enabling the
use_grain option allows
the minion to manipulate the pillar data returned, as described above.
tag_list_key indicates which keys should be added to
ec2_tags_list and be split by
tag_list_sep (by default
;). If a tag
key is included in
tag_list_key it is removed from ec2_tags. If a tag does
not exist it is still included as an empty list.
As with any master configuration change, restart the salt-master daemon for changes to take effect.
ext_pillar: - ec2_pillar: tag_match_key: 'Name' tag_match_value: 'asis' tag_list_key: - Role tag_list_sep: ';' use_grain: True minion_ids: - trusted-minion-1 - trusted-minion-2 - trusted-minion-3
This is a very simple pillar configuration that simply retrieves the instance data from AWS. Currently the only portion implemented are EC2 tags, which returns a list of key/value pairs for all of the EC2 tags assigned to the instance.
Execute a command and read the output as YAML