SShortSingh.
Back to feed

How Packer and Ansible Together Automate Repeatable AWS Machine Provisioning

0
·9 views

A DevOps engineer describes how inconsistent, manual EC2 instance setup — where no two machines were truly identical — prompted a search for a standardized, auditable solution. The approach combines HashiCorp Packer to orchestrate Amazon Machine Image (AMI) builds with Ansible running in local mode directly inside the temporary build instance, eliminating the need for an external control node. Packer spins up a base instance, copies Ansible playbooks into it, executes roles for hardening and configuration, runs a cleanup script, and then snapshots the result as a versioned golden AMI. The setup can also leverage AWS Systems Manager Session Manager instead of direct SSH, removing the need for public network routes or open Security Group rules on port 22. The result is a fully repeatable, version-controlled provisioning pipeline that removes human memory as a dependency in infrastructure setup.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Developer Builds El Niño Monitoring Dashboard Using Python's Dash Framework

A Peruvian software developer built an interactive climate dashboard using Dash, a Python framework by Plotly, to visualize El Niño data without writing any JavaScript. The project tracks two complementary indices — Peru's coastal ICEN index from the IGP and the international RONI index from NOAA CPC — on a single chart to compare local and global ocean conditions. The developer chose the El Niño theme because the phenomenon has direct consequences for Peru, including floods, droughts, disrupted fisheries, and infrastructure damage. The open-source project, called vigia-enos, uses Python ETL scripts to fetch and process both data series before rendering them in a Dash single-page application. The developer noted that Dash's tight integration with Plotly made it easy to produce interactive charts with built-in zoom, tooltips, and range sliders from day one.

0
ProgrammingDEV Community ·

Veramask API Lets Developers Anonymize PII in Text and JSON Payloads

Data masking is a technique that replaces sensitive personal information with fictitious but structurally realistic data, making it safe for use in development, testing, and analytics. Dynamic data masking (DDM) applies these transformations in real time at the API layer, without altering or storing the original data. Veramask is an API-based service that implements DDM through two endpoints — one for raw text and one for structured JSON — detecting and replacing entities such as names, emails, and phone numbers. Developers can control masking behavior per entity type using strategies including substitution, redaction, hashing, and partial obscuring. Access requires an API key obtained via the Veramask Developer Portal, which is then passed as a request header with each call.

0
ProgrammingDEV Community ·

Tencent Cloud Open-Sources CubeSandbox for Secure, Fast AI Agent Code Execution

Tencent Cloud has released CubeSandbox, an open-source sandbox service built in Rust to safely isolate and execute code generated by AI agents. Unlike standard Docker containers, it uses KVM and RustVMM to give each task its own dedicated guest OS kernel, preventing untrusted code from escaping to the host system. The sandbox boots in under 60 milliseconds and consumes less than 5MB of memory per instance, enabling thousands of concurrent isolated environments on a single machine. CubeSandbox is API-compatible with E2B, allowing developers to switch to self-hosted deployment by changing a single environment variable. The project supports both single-node and cluster deployments, with Terraform scripts included for streamlined cloud setup.

0
ProgrammingDEV Community ·

Snowflake Multi-Agent System Gets Security Layer With Governance Agent in Part 3

A three-part tutorial series on building a Snowflake multi-agent AI system has reached its final installment, adding a dedicated Security and Governance Agent to the existing Admin and Cost Optimizer agents. The new agent focuses on access control, role hygiene, failed login detection, unauthorized access attempts, and compliance-friendly audit summaries. It leverages semantic views built over Snowflake's ACCOUNT_USAGE schema, enabling natural language queries across security domains like login anomalies and excessive privileges. Specialized tools such as FailedLoginAnalyst, LoginAnomalyDetector, and UnauthorizedAccessAnalyst are wired into the agent via Cortex Analyst. The central Orchestrator is updated to route security-related questions to this new specialist, completing a full-coverage assistant that handles operations, cost, and risk.