Featured Image
  • Overview

    The Terraform module for setting up Ansible Tower in AWS provides an automated and efficient solution for deploying Ansible Tower, a robust automation platform, within an Amazon Web Services (AWS) environment. By leveraging Terraform's infrastructure-as-code capabilities, this module streamlines the process of provisioning and configuring the necessary AWS resources, including virtual machines, networking components, and storage, required for Ansible Tower. With customizable parameters and support for high availability, security, and integration with existing resources, the module ensures a flexible, scalable, and secure deployment. Overall, the Terraform module for Ansible Tower in AWS simplifies the deployment process, enhances productivity, and provides a reliable foundation for leveraging the power of Ansible Tower in an AWS environment.

  • Scope

    The scope of the Terraform module to set up Ansible Tower in AWS is to automate the provisioning and configuration of the necessary AWS resources for deploying and managing Ansible Tower. It encompasses tasks such as creating virtual machines, networking components, storage, and security configurations, ensuring a streamlined and standardized process for setting up Ansible Tower in an AWS environment.


Automation is everywhere. Ansible Tower is one of the prominent tools for configuration management. This article will focus on using Terraform to automate installing Ansible Tower over AWS.

What exactly is the difference between Ansible and Ansible Tower?

Both Ansible and Ansible Tower provide businesses with a wide variety of choices for configuration management. However, the two products should not be confused with one another. Ansible is a powerful tool for configuration management; nevertheless, those IT managers who are not comfortable with command-line tools may find it intimidating to use.

The command-line interface that Ansible provides makes it possible for IT teams to carry out a wide variety of configuration management tasks. By providing administrators with an automated and repeatable approach for deploying settings, the application does away with the necessity of ad hoc scripts and manual infrastructure management. Tower, on the other hand, offers increased usability as well as centralised control of administrative tasks.

Ansible Tower is an extension that adds additional management tools and seeks to solve this problem by adding a graphical user interface. It also extends the capabilities of Ansible. Ansible Tower additionally provides functions that are essential for the implementation of large-scale information technology in businesses. This provides accurate and safe access to the Ansible environment for individual and group users. It does this by including advanced settings for role-based access control, also known as RBAC. This makes things more secure and keeps a record of everything that goes on. These access control features are made possible by Ansible Tower's use of Active Directory and Lightweight Directory Access Protocol.

Furthermore, Ansible Tower is a centralized platform for managing an environment's host inventory, logging activity, and running Ansible playbooks. In addition, the Ansible Tower dashboard offers a unified view of the health and state of the deployment and provides information on the present execution of Ansible jobs.

What is terraform?

HashiCorp, the parent organisation, defines it as, "Terraform is an infrastructure as code (IaC) tool that allows you to build, change, and version infrastructure safely and efficiently. This includes both low-level components like compute instances, storage, and networking, as well as high-level components like DNS entries and SaaS features."

Some of the use cases include,

- Infrastructure-as-Code
- Multi-cloud deployment and management
- Managing Kubernetes
- Integration with existing CI/CD workflows
- Managing virtual machine images
- Managing network infrastructure

Terraform also provides CDKTF (Cloud Development Kit for Terraform) to manage infrastructure using programming languages such as Java, Python, Go, C# and TypeScript.

Terraform Lifecycle

- The Terraform environment is brought up to speed using the terraform init command (on a local level). In most cases, the init command is only used once throughout each session.
- After comparing the current state of Terraform and the existing state of the cloud, the terraform plan command develops and shows an execution plan. The deployment will not be affected in any way by this (read-only).
- The terraform apply command is the one that puts the plan into action.
- When we use terraform destroy, all of the resources that are controlled by this environment's terraform parameters will be removed.

Terraform-Module-to-Setup-Ansible Tower-in-AWS- image

Terraform Configuration Files

The configuration files for Terraform are a collection of files that have the file extensions.tf and if.json. These files are used to define the infrastructure for Terraform. Terraform leverages a declarative approach for designing infrastructure. You are able to indicate the state you want the configuration file to be in by using configuration files. The parameters and values that indicate the desired state of the resources that make up your infrastructure are included in configuration files.

- Configuration file (files with the extension *.tf): This is where we describe the provider and resources that will be deployed, as well as the kind of resources and any resource-specific attributes.
- Variable declaration file (either variables.tf or variables.json): In this section, the input variables required to deliver resources are specified.
- Variable definition files (terraform.tfvars): In this step, values are given to the variables that were input.
- State file (also known as terraform.tfstate): When running Terraform for the first time, a state file is automatically produced. It stores information pertaining to the managed infrastructure that we have.

Let’s jump into the project

Teraform base Resources,


variable ports { type = list(number) 

variable instance_type { type = string}

variable access_key { type = string }

variable secret_key { type = string }

variable region { type = string }

variable vpc_id {type = string}

variable ansible_tower_tar_URL {type = string}

variable image_name { type = string}


provider "aws"

  {region     = "${var.region}"

  access_key = "${var.access_key}"

  secret_key = "${var.secret_key}"


ports = [25672, 15672, 4369, 5432, 443, 80, 22] instance_type = "t2.micro" region = "ap-south-1" vpc_id = "" access_key = "" secret_key = "" image_name = "RHEL_HA-8.4.0_HVM-*-x86_64-2-Hourly2-GP2" ansible_tower_tar_URL=



//AMI Image ID data "aws_ami" "RHEL" { most_recent = true owners = ["309956199498"] filter

{ name = "name"

values = ["${var.image_name}"]

filter { name = "root-device-type" values = ["ebs"] 

filter { name = "virtualization-type" values = ["hvm"]

// Creating EC2 instance resource "aws_instance" "RHEL-instance"

{ ami = "${data.aws_ami.RHEL.id}" instance_type = "${var.instance_type}" key_name = "${aws_key_pair.RHEL-key.key_name}"

security_groups = ["custom-sg"]

tags = { Name = "RHEL-TF" }

// Installing Ansible Tower on same instance connection { type = "ssh" user = "ec2-user" private_key = file("${path.module}/id_rsa") host = "${self.public_ip}" }

provisioner "file" { source = "ansibleTowerInstallation.sh" destination = "/tmp/ansibleTowerInstallation.sh" }

provisioner "remote-exec" { inline = [ "cd /tmp", "curl -O ${var.ansible_tower_tar_URL}", "tar xvfz /tmp/ansible-tower-*.tar.gz", "sudo sh /tmp/ansibleTowerInstallation.sh", "cd /tmp/ansible-tower-setup-*/", "sudo sh setup.sh", ] }


// Creating SSH key pair

resource "aws_key_pair" "RHEL-key" { key_name = "RHEL-key"

public_key=file("${path.module}/id_rsa.pub") }


// Creating Security group

resource "aws_security_group" "security-group"

{ name = "custom-sg"

description = "Allow TLS inbound traffic" vpc_id = "${var.vpc_id}"

dynamic "ingress"

{ for_each = var.ports

iterator = port content

{ description = "TLS from VPC"

from_port = port.value

to_port = port.value

protocol = "tcp"

cidr_blocks = [""] ipv6_cidr_blocks = ["::/0"] } }


{ from_port = 0

to_port = 0

protocol = "-1"

cidr_blocks = [""] ipv6_cidr_blocks = ["::/0"] }

tags = { Name = "custom-sg" } }



sed"s/^admin_password=''/admin_password=redhat/" /tmp/ansible-tower-setup-*/inventory

sed"s/^pg_password=''/pg_password=redhat/" /tmp/ansible-tower-setup-*/inventory-sg"

Now, it’s time to execute

Download all required providers

>>> terraform init

Testing & reviewing configuration

>>> terraform plan

Once verified, applying the configuration

>>> terraform apply

We have successfully setup Ansible Tower in AWS.

variable po

Deploy with Ease


Get our Terraform module for hassle-free setup of Ansible Tower in AWS