Ansible Amazon EC2. The key pair does not exist

Question

I would like to create and provision Amazon EC2 machines with a help of Ansible. Now, I get the following error:

fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Instance creation failed => InvalidKeyPair.NotFound: The key pair '~/.keys/EC2-Kibi-Enterprise-Deployment.pem' does not exist"}

But the .pem key exists:

$ ls -lh ~/.keys/EC2-Kibi-Enterprise-Deployment.pem 
-r-------- 1 sergey sergey 1.7K Apr  6 09:56 /home/sergey/.keys/EC2-Kibi-Enterprise-Deployment.pem

And it was created in EU (Ireland) region.

Here is my playbook:

--
- name: Setup servers on Amazon EC2 machines
  hosts: localhost
  gather_facts: no

  tasks:
    - include_vars: group_vars/all/ec2_vars.yml

    ### Create Amazon EC2 instances
    - name: Amazon EC2 | Create instances
      ec2:
        count: "{{ count }}"
        key_name: "{{ key }}"
        region: "{{ region }}"
        zone: "{{ zone }}"
        group: "{{ group }}"
        instance_type: "{{ machine }}"
        image: "{{ image }}"
        wait: true
        wait_timeout: 500
        #vpc_subnet_id: "{{ subnet }}" 
        #assign_public_ip: yes
      register: ec2

    - name: Amazon EC2 | Wait for SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        delay: 10
        timeout: 60
        state: started
      with_items: "{{ ec2.instances }}"

    - name: Amazon EC2 | Add hosts to the kibi_servers in-memory inventory group
      add_host: hostname={{ item.public_ip }} groupname=kibi_servers
      with_items: "{{ ec2.instances }}"
    ### END

### Provision roles
- name: Amazon EC2 | Provision new instances
  hosts: kibi_servers
  become: yes
  roles:
    - common
    - java
    - elasticsearch
    - logstash
    - nginx
    - kibi
    - supervisor
### END

And my var file:

count: 2
region: eu-west-1
zone: eu-west-1a
group: default
image:  ami-d1ec01a6
machine: t2.medium
subnet: subnet-3a2aa952
key: ~/.keys/EC2-Kibi-Enterprise-Deployment.pem

What is wrong with the .pem file here?

Answer 1

The key parameter for the ec2 module is looking for the key pair name that has been already uploaded to AWS, not a local key.

If you want to get Ansible to upload a public key you can use the ec2_key module.

So your playbook would look like this:

--
- name: Setup servers on Amazon EC2 machines
  hosts: localhost
  gather_facts: no

  tasks:
    - include_vars: group_vars/all/ec2_vars.yml

    ### Create Amazon EC2 key pair
    - name: Amazon EC2 | Create Key Pair
      ec2_key:
        name: "{{ key_name }}"
        region: "{{ region }}"
        key_material: "{{ item }}"
      with_file: /path/to/public_key.id_rsa.pub

    ### Create Amazon EC2 instances
    - name: Amazon EC2 | Create instances
      ec2:
        count: "{{ count }}"
        key_name: "{{ key_name }}"
        ...