Ansible Playbook: manage_cloud_realm


Manage cloud provider accounts, users, and organizations as a single entity.

The purpose is to simplify the setup of small public provider sites by defining a management structure following public provider best practicies.

Supported cloud providers:

Use Cases

Implement realm structure in AWS account

  • Generate in AWS IAM the API secret and key for the root AWS Account.
  • Update the API credentials for the root account in the end-state file cloud_aws_realm.yml
    key: "**root account key**"
    secret: "**root account secret**"
  • Run the playbook. Use the -s <SITE> parameter to select the target site.

    /opt/aplatform64/bin/ -n -p manage_cloud_realm -s <SITE>

  • Verify that the new users and groups were created.
  • Generate in AWS IAM the API secret and key for the IAM user iam_manager_auto.
  • Update credentias in the end-state file cloud_aws_realm.yml
    • Remove root credentials
    • Add iam_manager_auto credentials
    key: "**iam_manager_auto user key**"
    secret: "**iam_manager_auto user secret**"

Playbook Parameters


The playbook is run locally in the Ansible Control node and uses AWS API calls to execute remote tasks. Do not modify the inventory definition.

  • File: inventories/<SITE>/cloud_realm.ini
  • Host Group: cloud_realm

End State

A dedicated group_vars directory is used to store end-state configuration settings for both the playbook and related Ansible Roles.

Set playbook specific settings in the file: inventories/<SITE>/group_vars/cloud_realm/manage_cloud_realm.yml

Parameter Required? Type Default Purpose / Value
cloud_realm_provider no dictionary Define what public cloud provides will be managed no boolean true Enable AWS support

Additional role specific settings are available to further customize the playbook:

A:Platform64 role group_vars file inventories/<SITE>/group_vars/cloud_realm/cloud_aws_realm.yml


OS Compatibility

OS compatibility is role dependant. Please refer to the respective role documentation.


Dependencies in this section are automatically solved during the installation of A:Platform64.

  • Ansible Collections:


  • Ansible:
    • Control Node: A:Platform64 installed and configured.
    • Managed Nodes: target hosts prepared for A:Platform64 control.

Installation Procedure

The playbook is automatically deployed during the A:Platform64 installation process.


Help on implementing new features and maintaining the code base is welcomed.

Please see the guidelines for further details.