chore(aws/ssm): register how ssm worked before i forget

2026-02-08 21:34:25 +00:00 · 2024-04-22 21:26:46 +02:00
parent a7bf416580
commit 39a359b7f1
7 changed files with 213 additions and 34 deletions
--- a/ansible/playbooks/aws.ec2.enable-ssm-agent.yml
+++ b/ansible/playbooks/aws.ec2.enable-ssm-agent.yml
@@ -0,0 +1,39 @@
+---
+- name: Enable SSM management through agent
+  hosts: all
+  tasks:
+    - name: Install the SSM Agent
+      tags:
+        - agent
+        - package
+      become: true
+      ansible.builtin.package:
+        name: amazon-ssm-agent
+        state: latest
+      register: package
+    - name: Enable required services
+      tags:
+        - agent
+        - service
+      become: true
+      ansible.builtin.service:
+        name: amazon-ssm-agent.service
+        state: started
+        enabled: true
+      register: service
+  post_tasks:
+    - name: Check everything is working from the instance
+      tags:
+        - check
+      when:
+        - package is not failed
+        - service is not failed
+      block:
+        - name: Run the diagnostic command
+          become: true
+          ansible.builtin.command: ssm-cli get-diagnostics --output 'json'
+          register: diagnostics
+          changed_when: false
+        - name: Show the results
+          ansible.builtin.debug:
+            var: diagnostics.stdout
--- a/ansible/playbooks/darwin.xcode-cli-tools.install.yml
+++ b/ansible/playbooks/darwin.xcode-cli-tools.install.yml
@@ -29,6 +29,7 @@
        - name: Get the tools' label
          register: cli_tools_label
          ansible.builtin.shell: >-
+            set -o pipefail && \
            /usr/sbin/softwareupdate --list
            | grep -B 1 -E 'Command Line Tools'
            | awk -F'*' '/^ *\\*/ {print $2}'