wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-07-25 06:53:00 +02:00
Code Issues Projects Releases Wiki Activity
algo/roles/cloud-ec2/tasks/encrypt_image.yml
Andy Boutte 76cdc69548 CF tested and working for EC2 deployment (#431) 
* AWS CloudFormation #132

* IPv6 EC2 draft

* CF tested and working for EC2 deployment

* IPv6 Implementation, EC2, Cloudformation

* Fixed ipv6 networking

* adding ip6tables rule for DHCP on AWS
2017-04-20 18:04:57 -04:00

37 lines
1.1 KiB
YAML
Raw Blame History

- name: Check if the encrypted image already exist
ec2_ami_find:
aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true)}}"
aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'), true)}}"
owner: self
sort: creationDate
sort_order: descending
sort_end: 1
state: available
ami_tags:
Algo: "encrypted"
region: "{{ region }}"
register: search_crypt
- set_fact:
ami_image: "{{ search_crypt.results[0].ami_id }}"
when: search_crypt.results
- name: Copy to an encrypted image
ec2_ami_copy:
aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true)}}"
aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'), true)}}"
encrypted: yes
name: algo
kms_key_id: "{{ kms_key_id | default(omit) }}"
region: "{{ region }}"
source_image_id: "{{ ami_image }}"
source_region: "{{ region }}"
tags:
Algo: "encrypted"
wait: true
register: enc_image
when: not search_crypt.results
- set_fact:
ami_image: "{{ enc_image.image_id }}"
when: not search_crypt.results
Reference in a new issue View git blame Copy permalink