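---
# Network layer for the COmanage Registry training environment.
#
# Creates one VPC, one Internet gateway, and -- for every availability zone
# listed in vpc_availability_zone -- one public and one private subnet.
# Public subnets route 0.0.0.0/0 through the IGW.  Each private subnet routes
# 0.0.0.0/0 through a NAT gateway placed in the public subnet of the *same*
# AZ, so private hosts get outbound Internet access without accepting inbound
# connections from it (and an AZ outage does not take down NAT for other AZs).
#
# Variables expected from the caller / inventory:
#   comanage_training_region  AWS region; also used as the AZ name prefix
#   vpc_cidr_block            CIDR for the VPC
#   vpc_availability_zone     mapping of AZ suffix ("a", "b", ...) to a dict
#                             with public_subnet and private_subnet CIDRs
#
# No AWS credentials or account identifiers appear in this file; the modules
# pick them up from the environment / profile of the controller.
#
# NOTE(review): this play creates no VPC Flow Logs and does not touch the
# default security group or default NACL of the new VPC.  Presumably those
# are handled by a later play -- confirm before using this outside training.
- hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: VPC for COmanage Registry training
      amazon.aws.ec2_vpc_net:
        name: comanage_training
        cidr_block: "{{ vpc_cidr_block }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: VPC for COmanage Registry training
        tenancy: default
      register: comanage_training_vpc
      # the VPC id is referenced below as comanage_training_vpc.vpc.id

    - name: List VPC information
      debug:
        msg: "vpc_id: {{ comanage_training_vpc.vpc.id }}"

    - name: Internet gateway for COmanage Registry training VPC
      community.aws.ec2_vpc_igw:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        state: present
        tags:
          Name: comanage_training_igw
      register: igw

    - name: List IGW information
      debug:
        msg: "gateway_id: {{ igw.gateway_id }}"

    # One public subnet per AZ.  map_public is left at its default, so
    # instances launched here do not get a public IP unless asked for.
    - name: Public subnet for COmanage Registry training
      amazon.aws.ec2_vpc_subnet:
        state: present
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        cidr: "{{ item.value.public_subnet }}"
        az: "{{ comanage_training_region }}{{ item.key }}"
        tags:
          Name: "{{ item.key }}-public-comanage-training"
      register: subnet_public
      loop: "{{ vpc_availability_zone | dict2items }}"

    - name: List public subnet information
      debug:
        msg: "{{ item.subnet.availability_zone }}|{{ item.subnet.id }}|{{ item.subnet.cidr_block }}"
      loop: "{{ subnet_public.results }}"

    # Lookup helpers built from the registered results: AZ -> subnet id, and a
    # flat list of ids for the shared public route table.
    - name: Build public_subnet_id_by_az dictionary
      set_fact:
        public_subnet_id_by_az: "{{ public_subnet_id_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.id}) }}"
      loop: "{{ subnet_public.results }}"

    - name: Build public_subnet_ids
      set_fact:
        public_subnet_ids: "{{ public_subnet_ids | default([]) + [item.subnet.id] }}"
      loop: "{{ subnet_public.results }}"

    # Single route table shared by all public subnets.  The literal value
    # "igw" is the module's shorthand for "this VPC's Internet gateway".
    - name: Route table through Internet gateway for public subnets
      community.aws.ec2_vpc_route_table:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: comanage_training_public_igw
        subnets: "{{ public_subnet_ids }}"
        routes:
          - dest: 0.0.0.0/0
            gateway_id: igw

    # One NAT gateway per public subnet (i.e. per AZ).  No allocation_id is
    # given, so the module presumably allocates a fresh Elastic IP on first
    # creation; if_exist_do_not_create keeps re-runs from creating a second
    # gateway (and EIP) in the same subnet -- confirm against the module version in use.
    - name: NAT gateway for public subnet
      community.aws.ec2_vpc_nat_gateway:
        region: "{{ comanage_training_region }}"
        state: present
        subnet_id: "{{ item.subnet.id }}"
        if_exist_do_not_create: true
        wait: true
      register: nat_gateway
      loop: "{{ subnet_public.results }}"

    - name: List NAT GW information
      debug:
        msg: "nat_gateway_id: {{ item.nat_gateway_id }} , subnet_id: {{ item.subnet_id }}, cidr_block: {{ item.item.subnet.cidr_block }}"
      loop: "{{ nat_gateway.results }}"

    # AZ -> NAT gateway id, used to pin each private subnet to the NAT in its
    # own AZ.  item.item is the public-subnet result the NAT task looped over.
    - name: Build nat_id_by_az dictionary
      set_fact:
        nat_id_by_az: "{{ nat_id_by_az | default({}) | combine({item.item.subnet.availability_zone: item.nat_gateway_id}) }}"
      loop: "{{ nat_gateway.results }}"

    - name: Private subnet for COmanage Registry training
      amazon.aws.ec2_vpc_subnet:
        state: present
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        cidr: "{{ item.value.private_subnet }}"
        az: "{{ comanage_training_region }}{{ item.key }}"
        tags:
          Name: "{{ item.key }}-private-comanage-training"
      register: subnet_private
      loop: "{{ vpc_availability_zone | dict2items }}"

    - name: List private subnets
      debug:
        msg: "private|{{ item.subnet.id }}|{{ item.subnet.availability_zone }}|{{ item.subnet.cidr_block }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_id_by_az dictionary
      set_fact:
        private_subnet_id_by_az: "{{ private_subnet_id_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.id}) }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_cidr_by_az dictionary
      set_fact:
        private_subnet_cidr_by_az: "{{ private_subnet_cidr_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.cidr_block}) }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_ids
      set_fact:
        private_subnet_ids: "{{ private_subnet_ids | default([]) + [item.subnet.id] }}"
      loop: "{{ subnet_private.results }}"

    # One route table per private subnet, each pointing 0.0.0.0/0 at the NAT
    # gateway of the matching AZ.  Keying the lookup by availability_zone
    # (rather than by loop position) is what guarantees the AZ match.
    # NOTE(review): the module documents nat_gateway_id as the key for NAT
    # routes; gateway_id is used here with a nat-* id -- confirm the installed
    # module version accepts this, otherwise switch the key.
    - name: Build routing tables for private subnet through NAT GW
      community.aws.ec2_vpc_route_table:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: "comanage-training-private-{{ item.item.key }}"
        subnets:
          - "{{ item.subnet.id }}"
        routes:
          - dest: 0.0.0.0/0
            gateway_id: "{{ nat_id_by_az[item.subnet.availability_zone] }}"
      loop: "{{ subnet_private.results }}"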