I’ve seen a few posts now in the AWX Google Group asking for help securing their AWX connection via SSL. There isn’t currently a configurable way to do this with the default containers and installation procedure. I’ve heard that it’s possible by modifying the nginx install within the awx_web container, but I don’t like the idea of needing to do that with each new build. Instead, I created my own, minimally configured nginx container to serve as an SSL termination point.
In part one we got our container registry filled out with our docker repositories. In this part we will get our PostgreSQL database set up using Amazon RDS and bring up our containers with ECS. Once again, take note that any part of this guide that is insecure to run in production I’ll have a bold UNSAFE tag next to it. I believe the only places you’ll find this though is in the container environment variables which will have some secrets in plain text.
Intro to Series AWS recently announced a lot of things at RE:Invent and one of the more exciting new toys is Fargate! Another thing I’ve been acquainting myself with lately is Ansible’s AWX, the open source version of their Ansible frontend: Tower. I’m writing this series to show how I got AWX up and running in Fargate. Since both of these things are fairly new, it took quite a bit of documentation reading, but all in all I’m happy with the end result.