ec2-vpc

What is it?

This tool creates a new Virtual Private Cloud (VPC), some public subnets, and an internet gateway.

Why use it?

To provide a simple and easy-to-use interface for managing network resources.

How does it work?

Pre-requisites

• Python: boto (not boto3)

vpc_service_env: 'dev'        # The actual VPC name will include this environment tag, e.g., name_env
vpc_service_state: 'present'  # Set to 'absent' to remove the resources later

vpc_name: 'test'              # Name of the VPC
vpc_cidr: '10.0.0.0/16'      # The CIDR block for the VPC
vpc_region: 'us-east-1'      # AWS region for the VPC
vpc_public_subnet_cidrs:
  - '10.0.1.0/24'            # You can choose your own CIDR for the subnets
  - '10.0.2.0/24'            # Just make sure to calculate it correctly
vpc_public_subnet_azs:
  '10.0.1.0/24': 'a'         # These keys must match the values in vpc_public_subnet_cidrs
  '10.0.2.0/24': 'b'         # You can have more entries here, but cover all values above

How it works behind the scenes

library/get_subnet_ids.py

This script filters out and returns only the subnet IDs from a large object containing lots of information.

library/rtb_deleteable.py

This module analyzes the information returned by ec2_vpc_route_table_facts. It takes the data it produces and creates a new dictionary where the keys are route table IDs, and the values indicate whether it's safe to delete that route table. It checks for a flag that shows if a route table is the "main" one.

Why does this matter?

The "main" route table can't be deleted unless you delete the entire VPC, so we need to ignore it. However, working with such complex data using only Ansible can be difficult. Luckily, it's easy to include a simple Python script in an Ansible role to help with this.