| #!/usr/bin/env python3 | |
| """ | |
| Proxmox Dynamic Inventory Script for Ansible | |
| This script connects to a Proxmox VE API using an API token and dynamically generates | |
| an inventory of running virtual machines and containers. Each VM is grouped by tags, | |
| and metadata is included for Ansible use (e.g., connection type, user, IP address). | |
| Example use: ansible-playbook main.yml -i proxmox_ansible_dynamic_inventory.py |
| import boto3 | |
| import copy | |
| from botocore.exceptions import NoCredentialsError | |
| # Replace value with your own | |
| bucket_name = 'bucket' | |
| """ | |
| Ensure your S3 bucket has the following CORS (or more restrictive) | |
| [ |
| import os | |
| import json | |
| import boto3 | |
| import logging | |
| log = logging.getLogger() | |
| log.setLevel(os.environ.get("LOG_LEVEL", "INFO")) | |
| ec2_client = boto3.client('ec2', region_name=os.environ.get("AWS_REGION")) | |
| ec2_resource = boto3.resource('ec2', region_name=os.environ.get("AWS_REGION")) |
#Steps to allow-list the upstream repositories ECR Pull-Through Cache will allow
Enable ECR Pull-Through Cache by following https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html?icmpid=docs_ecr_hp-registry-private (and using the default 'ecr-public' namespace)
Create a new Registry Permission with the following, substituting your own AWS account number:
{
"Sid": "RestrictCacheApartFrom",
"Effect": "Deny",
I hereby claim:
To claim this, I am signing this object: