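---
# Network layout for the COmanage Registry training environment.
#
# Creates one VPC with an internet gateway and, for every entry in
# vpc_availability_zone, a public/private subnet pair in that AZ:
#   * public subnets share one route table whose 0.0.0.0/0 route goes to
#     the internet gateway;
#   * each private subnet gets its own route table whose 0.0.0.0/0 route
#     goes to a NAT gateway placed in the public subnet of the same AZ, so
#     private hosts have outbound access but no inbound path from the IGW.
#
# Only routing is defined here. Security groups and network ACLs are not
# part of this play and must be provided elsewhere before anything is
# launched into these subnets.
#
# Expected variables (not defined in this file):
#   comanage_training_region  - AWS region the VPC is built in
#   vpc_cidr_block            - CIDR block for the VPC
#   vpc_availability_zone     - dict keyed by AZ suffix ("a", "b", ...);
#                               each value has public_subnet and
#                               private_subnet CIDR keys
#
# NOTE(review): the AZ name is built as region + suffix. AZ suffix to
# physical zone mapping is per-account, so the same suffix does not refer
# to the same zone in another account.
- hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: VPC for COmanage Registry training
      amazon.aws.ec2_vpc_net:
        name: comanage_training
        cidr_block: "{{ vpc_cidr_block }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: VPC for COmanage Registry training
        # Shared-hardware tenancy; dedicated tenancy is not needed for
        # training and would add cost.
        tenancy: default
      register: comanage_training_vpc
      # refer to the VPC id using {{ comanage_training_vpc.vpc.id }}

    - name: List VPC information
      debug:
        msg: "vpc_id: {{ comanage_training_vpc.vpc.id }}"

    - name: Internet gateway for COmanage Registry training VPC
      community.aws.ec2_vpc_igw:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        state: present
        tags:
          Name: comanage_training_igw
      register: igw

    - name: List IGW information
      debug:
        msg: "gateway_id: {{ igw.gateway_id }}"

    # One public subnet per AZ. map_public is left unset, so instances
    # launched here only get a public IPv4 address when one is requested
    # explicitly at launch (confirm against the module default in use).
    - name: Public subnet for COmanage Registry training
      amazon.aws.ec2_vpc_subnet:
        state: present
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        cidr: "{{ item.value.public_subnet }}"
        az: "{{ comanage_training_region }}{{ item.key }}"
        tags:
          Name: "{{ item.key }}-public-comanage-training"
      register: subnet_public
      loop: "{{ vpc_availability_zone | dict2items }}"

    - name: List public subnet information
      debug:
        msg: "{{ item.subnet.availability_zone }}|{{ item.subnet.id }}|{{ item.subnet.cidr_block }}"
      loop: "{{ subnet_public.results }}"

    # Lookup tables built from the registered results so later tasks can
    # address subnets by AZ or as a flat id list.
    - name: Build public_subnet_id_by_az dictionary
      set_fact:
        public_subnet_id_by_az: "{{ public_subnet_id_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.id}) }}"
      loop: "{{ subnet_public.results }}"

    - name: Build public_subnet_ids
      set_fact:
        public_subnet_ids: "{{ public_subnet_ids | default([]) + [item.subnet.id] }}"
      loop: "{{ subnet_public.results }}"

    # All public subnets share one table. The default route is tied to the
    # gateway registered above rather than the module's "igw" shortcut, so
    # the route points at the gateway this play created. Routes and subnet
    # associations not listed here are purged by the module defaults
    # (purge_routes / purge_subnets), so keep this list authoritative.
    - name: Route table through Internet gateway for public subnets
      community.aws.ec2_vpc_route_table:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: comanage_training_public_igw
        subnets: "{{ public_subnet_ids }}"
        routes:
          - dest: 0.0.0.0/0
            gateway_id: "{{ igw.gateway_id }}"

    # One NAT gateway per public subnet (i.e. per AZ), reused on re-runs.
    # NOTE(review): each NAT gateway presumably allocates its own Elastic
    # IP and is billed hourly even when idle; verify before scaling the AZ
    # list up.
    - name: NAT gateway for public subnet
      community.aws.ec2_vpc_nat_gateway:
        region: "{{ comanage_training_region }}"
        state: present
        subnet_id: "{{ item.subnet.id }}"
        if_exist_do_not_create: true
        wait: true
      register: nat_gateway
      loop: "{{ subnet_public.results }}"

    - name: List NAT GW information
      debug:
        msg: "nat_gateway_id: {{ item.nat_gateway_id }} , subnet_id: {{ item.subnet_id }}, cidr_block: {{ item.item.subnet.cidr_block }}"
      loop: "{{ nat_gateway.results }}"

    # item.item is the public subnet result the NAT gateway was created
    # from; its AZ keys the NAT gateway id for the private route tables.
    - name: Build nat_id_by_az dictionary
      set_fact:
        nat_id_by_az: "{{ nat_id_by_az | default({}) | combine({item.item.subnet.availability_zone: item.nat_gateway_id}) }}"
      loop: "{{ nat_gateway.results }}"

    - name: Private subnet for COmanage Registry training
      amazon.aws.ec2_vpc_subnet:
        state: present
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        cidr: "{{ item.value.private_subnet }}"
        az: "{{ comanage_training_region }}{{ item.key }}"
        tags:
          Name: "{{ item.key }}-private-comanage-training"
      register: subnet_private
      loop: "{{ vpc_availability_zone | dict2items }}"

    - name: List private subnets
      debug:
        msg: "private|{{ item.subnet.id }}|{{ item.subnet.availability_zone }}|{{ item.subnet.cidr_block }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_id_by_az dictionary
      set_fact:
        private_subnet_id_by_az: "{{ private_subnet_id_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.id}) }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_cidr_by_az dictionary
      set_fact:
        private_subnet_cidr_by_az: "{{ private_subnet_cidr_by_az | default({}) | combine({item.subnet.availability_zone: item.subnet.cidr_block}) }}"
      loop: "{{ subnet_private.results }}"

    - name: Build private_subnet_ids
      set_fact:
        private_subnet_ids: "{{ private_subnet_ids | default([]) + [item.subnet.id] }}"
      loop: "{{ subnet_private.results }}"

    # One route table per private subnet, with a single default route to
    # the NAT gateway in the same AZ. No route to the IGW is defined, so
    # nothing in these subnets is directly reachable from the internet.
    # The NAT gateway is given under the documented nat_gateway_id key;
    # gateway_id is documented for internet/virtual private gateways
    # (the module appears to accept a nat- id there as well, but the
    # explicit key does not rely on that).
    - name: Build routing tables for private subnet through NAT GW
      community.aws.ec2_vpc_route_table:
        vpc_id: "{{ comanage_training_vpc.vpc.id }}"
        region: "{{ comanage_training_region }}"
        tags:
          Name: "comanage-training-private-{{ item.item.key }}"
        subnets:
          - "{{ item.subnet.id }}"
        routes:
          - dest: 0.0.0.0/0
            nat_gateway_id: "{{ nat_id_by_az[item.subnet.availability_zone] }}"
      loop: "{{ subnet_private.results }}"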