daniel-rhoades.aws-vpc

AWS VPC Role

This is an Ansible role that makes it easier to set up and remove a Virtual Private Cloud (VPC) in an AWS account.

For detailed information on creating VPCs with Ansible, check out the official documentation here: Ansible EC2 VPC Module.

Requirements

  • You need the latest Ansible EC2 support modules and Boto.
  • You also need to configure Ansible to work with AWS. See the guide here: Ansible AWS Guide.

Role Variables

Default Variables:

  • vpc_resource_tags: Tags applied to the VPC. By default the VPC is tagged with its name (vpc_name).
  • vpc_internet_gateway: Whether to create and attach an Internet gateway so the VPC can route directly to the Internet (default: True). Set this to False for a VPC that must stay private.
  • vpc_state: The desired state of the VPC. Defaults to present; set it to absent to delete the VPC.

Required Variables:

  • vpc_name: Name of the VPC to create (e.g., my-vpc).
  • vpc_region: The AWS region for the VPC (e.g., eu-west-1).
  • vpc_cidr_block: CIDR range for the VPC (e.g., 172.40.0.0/16). Note that this example block lies outside the RFC 1918 private ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16); for a real deployment pick a private range so the VPC never overlaps publicly routable addresses.
  • vpc_subnets: Subnets for the VPC, each given as a CIDR block plus the availability zone it lives in. See the example playbook below for the exact structure.
  • public_subnet_routes: Route tables for public subnets. Each entry lists the subnets it is associated with and the routes it contains; a route with dest 0.0.0.0/0 and gw: igw sends those subnets' default traffic through the Internet gateway, which is what makes them public. See the example playbook below for details.

Outputs:

  • vpc: The VPC object returned by the ec2_vpc module when run with the provided variables.

Dependencies

  • No dependencies on other roles.

Example Playbook

First, install the role with the following command:

ansible-galaxy install daniel-rhoades.aws-vpc

This playbook will create a VPC in AWS. The play is idempotent: if a matching VPC already exists, it does nothing.

- name: My System | Provision all required infrastructure
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    my_vpc_name: "my_example_vpc"
    my_vpc_region: "eu-west-1"
    my_vpc_cidr: "172.40.0.0/16"
    everywhere_cidr: "0.0.0.0/0"

    # Subnets within the VPC
    my_vpc_subnets:
      - cidr: "172.40.10.0/24"
        az: "{{ my_vpc_region }}a"

      - cidr: "172.40.20.0/24"
        az: "{{ my_vpc_region }}b"

    # Allow the subnets to route to the outside world
    my_public_subnet_routes:
      - subnets:
          - "{{ my_vpc_subnets[0].cidr }}"
          - "{{ my_vpc_subnets[1].cidr }}"
        routes:
          - dest: "{{ everywhere_cidr }}"
            gw: igw
  roles:
    - {
        role: daniel-rhoades.aws-vpc,
        vpc_name: "{{ my_vpc_name }}",
        vpc_region: "{{ my_vpc_region }}",
        vpc_cidr_block: "{{ my_vpc_cidr }}",
        vpc_subnets: "{{ my_vpc_subnets }}",
        public_subnet_routes: "{{ my_public_subnet_routes }}"
      }
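Because every subnet in the playbook above receives a 0.0.0.0/0 route to the Internet gateway, it is worth checking the role variables before any AWS call is made. The following pre-flight validator is an added example and is not part of the role or its author's code; it consumes the same vpc_cidr_block, vpc_subnets and public_subnet_routes structure the role uses and reports RFC 1918 violations, subnets outside or overlapping the VPC block, availability zones from the wrong region, route tables that reference undeclared subnets, and exactly which subnets end up public. The sample inputs (PAGE_VARS, which mirrors the playbook, and HARDENED_VARS, a private-range variant with one private subnet) are constructed for illustration.

```python
"""Pre-flight validation of aws-vpc role variables (added example, not the role's code)."""
import ipaddress
from typing import Dict, List, Optional, Tuple

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample input mirroring the example playbook on this page.
PAGE_VARS = {
    "vpc_region": "eu-west-1",
    "vpc_cidr_block": "172.40.0.0/16",
    "vpc_subnets": [
        {"cidr": "172.40.10.0/24", "az": "eu-west-1a"},
        {"cidr": "172.40.20.0/24", "az": "eu-west-1b"},
    ],
    "public_subnet_routes": [
        {"subnets": ["172.40.10.0/24", "172.40.20.0/24"],
         "routes": [{"dest": "0.0.0.0/0", "gw": "igw"}]},
    ],
}

# Constructed hardened variant: RFC 1918 block, only the first subnet is public.
HARDENED_VARS = {
    "vpc_region": "eu-west-1",
    "vpc_cidr_block": "10.40.0.0/16",
    "vpc_subnets": [
        {"cidr": "10.40.10.0/24", "az": "eu-west-1a"},
        {"cidr": "10.40.20.0/24", "az": "eu-west-1b"},
    ],
    "public_subnet_routes": [
        {"subnets": ["10.40.10.0/24"],
         "routes": [{"dest": "0.0.0.0/0", "gw": "igw"}]},
    ],
}


def _network(cidr: str, errors: List[str]) -> Optional[ipaddress.IPv4Network]:
    """Parse a CIDR strictly (host bits must be zero); record a parse error instead of raising."""
    try:
        return ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        errors.append(f"invalid CIDR {cidr!r}: {exc}")
        return None


def validate_vpc_vars(v: Dict) -> Tuple[List[str], List[str], List[str]]:
    """Return (errors, warnings, public_subnets) for a set of role variables."""
    errors: List[str] = []
    warnings: List[str] = []
    vpc = _network(v["vpc_cidr_block"], errors)
    if vpc is None:
        return errors, warnings, []
    if not any(vpc.subnet_of(p) for p in RFC1918):
        warnings.append(f"VPC CIDR {vpc} is outside RFC 1918 private address space")
    if not 16 <= vpc.prefixlen <= 28:  # AWS accepts VPC blocks between /16 and /28
        errors.append(f"VPC CIDR {vpc} must be between /16 and /28")

    seen: List[ipaddress.IPv4Network] = []
    for s in v["vpc_subnets"]:
        net = _network(s["cidr"], errors)
        if net is None:
            continue
        if not net.subnet_of(vpc):
            errors.append(f"subnet {net} is not inside VPC CIDR {vpc}")
        if not s["az"].startswith(v["vpc_region"]):
            errors.append(f"AZ {s['az']} is not in region {v['vpc_region']}")
        for other in seen:
            if net.overlaps(other):
                errors.append(f"subnet {net} overlaps {other}")
        seen.append(net)
    known = {str(n) for n in seen}

    # A subnet is public when its route table sends 0.0.0.0/0 to the Internet gateway.
    public = set()
    for table in v["public_subnet_routes"]:
        members = table["subnets"]
        for s in members:
            if s not in known:
                errors.append(f"route table references undeclared subnet {s}")
        for route in table["routes"]:
            dest = _network(route["dest"], errors)
            if dest is not None and route.get("gw") == "igw" and dest.prefixlen == 0:
                public.update(m for m in members if m in known)
    if known and public == known:
        warnings.append("every subnet has a default route to the Internet gateway; nothing is private")
    return errors, warnings, sorted(public)


if __name__ == "__main__":
    for label, variables in (("page example", PAGE_VARS), ("hardened", HARDENED_VARS)):
        errs, warns, pub = validate_vpc_vars(variables)
        print(f"{label}: errors={errs} warnings={warns} public={pub}")
```

Run it against the variables you intend to pass to the role; a non-empty error list means the play should not run, and a warning that every subnet is public is the cue to move the default route off the subnets that host databases or internal services.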

To remove a VPC, run the same play with vpc_state set to absent. The role needs the full variable set so it can find and tear down the subnets and route tables it created:

- name: My System | Decommission all required infrastructure
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    my_vpc_name: "my_example_vpc"
    my_vpc_region: "eu-west-1"
    my_vpc_cidr: "172.40.0.0/16"
    everywhere_cidr: "0.0.0.0/0"

    # Subnets within the VPC
    my_vpc_subnets:
      - cidr: "172.40.10.0/24"
        az: "{{ my_vpc_region }}a"

      - cidr: "172.40.20.0/24"
        az: "{{ my_vpc_region }}b"

    # Allow the subnets to route to the outside world
    my_public_subnet_routes:
      - subnets:
          - "{{ my_vpc_subnets[0].cidr }}"
          - "{{ my_vpc_subnets[1].cidr }}"
        routes:
          - dest: "{{ everywhere_cidr }}"
            gw: igw
  roles:
    - {
        role: daniel-rhoades.aws-vpc,
        vpc_state: "absent",
        vpc_name: "{{ my_vpc_name }}",
        vpc_region: "{{ my_vpc_region }}",
        vpc_cidr_block: "{{ my_vpc_cidr }}",
        vpc_subnets: "{{ my_vpc_subnets }}",
        public_subnet_routes: "{{ my_public_subnet_routes }}"
      }

License

MIT License

Author

Daniel Rhoades (https://github.com/daniel-rhoades)

Project information

Ansible role for simplifying the provisioning and decommissioning of a VPC within an AWS account

License
MIT
Downloads
429
Owner
Strategist, Technologist and Engineer