Ansible with Terraform 0.14.x
Dockerfile: https://github.com/radekg/terraform-provisioner-ansible/pull/91, usage documented in the readme
ansible_ssh_settings.insecure_no_strict_host_key_checking: if true, host key checking will be disabled when connecting to the target host, default false; when connecting via bastion, bastion will not execute any SSH keyscanansible_ssh_settings.insecure_bastion_no_strict_host_key_checking: if true, host key checking will be disabled when connecting to the bastion host, default false
ansible_ssh_settings.user_known_hosts_file: used only when ansible_ssh_settings.insecure_no_strict_host_key_checking=false; if set, the provided path will be used instead of an auto-generate known hosts file; when executing via bastion host, it allows the administrator to provide a known hosts file, no SSH keyscan will be executed on the bastion; default empty string
ansible_ssh_settings.bastion_user_known_hosts_file: used only when ansible_ssh_settings.insecure_bastion_no_strict_host_key_checking=false; if set, the provided path will be used instead of an auto-generate known hosts filesshagent; additional private key examples will be provided laterANSIBLE_FORCE_COLOR regardless of playbook or module
1.0.0 was implemented very badly, generally, that version should not be used when bastion host should be used; there are no plans for fixing 1.0.0 bastion support, please switch to 2.x
remote {} resourceplays.playbook and plays.module to a resourceyes/no strings, boolean values are used insteaddefaults resourcediff, become and verbose can be set only on plays, no default override for boolean values--diff support--vault_id supportansible_ssh_settings {} resource instead of magic environment variablesconnection.host_key and connection.bastion_host_key
First release of the provisioner. Status as of https://github.com/radekg/terraform-provisioner-ansible/commit/25d515efeeac27db4d035fbcda1250eb15863931.
Relevant comment: https://github.com/hashicorp/terraform/issues/2661#issuecomment-423769085