diff --git a/terraform/README.md b/terraform/README.md
index 3816d016..2537b7ce 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -163,6 +163,7 @@ terraform apply -var-file=<your_workspace>.tfvars
 
 | Name | Source | Version |
 |------|--------|---------|
+| bod\_bastion\_ansible\_provisioner | github.com/cloudposse/terraform-null-ansible | n/a |
 | bod\_docker\_ansible\_provisioner | github.com/cloudposse/terraform-null-ansible | n/a |
 | cyhy\_bastion\_ansible\_provisioner | github.com/cloudposse/terraform-null-ansible | n/a |
 | cyhy\_dashboard\_ansible\_provisioner | github.com/cloudposse/terraform-null-ansible | n/a |
diff --git a/terraform/bod_bastion_ec2.tf b/terraform/bod_bastion_ec2.tf
index 4677ead3..effb9bdc 100644
--- a/terraform/bod_bastion_ec2.tf
+++ b/terraform/bod_bastion_ec2.tf
@@ -44,3 +44,19 @@ resource "aws_instance" "bod_bastion" {
     },
   )
 }
+
+# Provision the bastion EC2 instance via Ansible
+module "bod_bastion_ansible_provisioner" {
+  source = "github.com/cloudposse/terraform-null-ansible"
+
+  arguments = [
+    "--user=${var.remote_ssh_user}",
+    "--ssh-common-args='-o StrictHostKeyChecking=no'",
+  ]
+  envs = [
+    "host=${aws_instance.bod_bastion.public_ip}",
+    "host_groups=bod_bastion",
+  ]
+  playbook = "../ansible/playbook.yml"
+  dry_run  = false
+}