Setting up PostgreSQL on RDS using ansible is a bit tricky because the main user on RDS is not a SUPERUSER and roles membership is not automatically granted for ex: “ERROR: must be member of role ..” is quite common. Here is a working solution:
Modify Security Groups Command is an easy to use command that you can add to your DevOps to allow adding/Removing IPs or CIDRs to AWS security groups for all protocol and ports. The command is part of AWS PHP Commands.
Usage:
- > php console.php aws:security-groups:modify -h
- Usage:
- aws:security-groups:modify [options]
-
- Options:
- -c, --cidr=CIDR CIDR ex: 64.18.0.0/20 [default: false]
- -o, --operation=OPERATION Operation to perform, one of add or remove [default: "add"]
- -e, --env[=ENV] Which security groups this should run on. One of prod, dev [default: "dev"]
- -h, --help Display this help message
- -q, --quiet Do not output any message
- -V, --version Display this application version
- --ansi Force ANSI output
- --no-ansi Disable ANSI output
- -n, --no-interaction Do not ask any interactive question
- -v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
-
- Help:
- Adds/removes CIDRs to security groups.
