ec2_vpc - configure AWS virtual private clouds

Author: Carson Gee

Synopsis

New in version 1.4.

Creates or terminates AWS virtual private clouds. This module has a dependency on python-boto.

Options

aws_access_key
    required: no, default: None
    AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used.

aws_secret_key
    required: no, default: None
    AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.

cidr_block
    required: yes
    The CIDR block representing the VPC, e.g. 10.0.0.0/16

dns_hostnames
    required: no, default: yes, choices: yes, no
    Toggles the "Enable DNS hostname support for instances" flag.

dns_support
    required: no, default: yes, choices: yes, no
    Toggles the "Enable DNS resolution" flag.

instance_tenancy
    required: no, default: default, choices: default, dedicated
    The supported tenancy options for instances launched into the VPC.

internet_gateway
    required: no, default: no, choices: yes, no
    Toggles whether there should be an Internet gateway attached to the VPC.

region
    required: no
    Region in which the resource exists.

route_tables
    required: no
    A dictionary array of route tables to add, of the form: { subnets: [172.22.2.0/24, 172.22.3.0/24,], routes: [{ dest: 0.0.0.0/0, gw: igw},] }. The subnets list holds the subnets the route table should be associated with, and the routes list holds the routes to be in the table. The special keyword igw for gw specifies that the route should go through the internet gateway attached to the VPC. gw also accepts instance-ids in addition to igw. This module is currently unable to affect the 'main' route table due to some limitations in boto, so you must explicitly define the associated subnets or they will be attached to the main table implicitly.

state
    required: yes, default: present
    Create or terminate the VPC.

subnets
    required: no
    A dictionary array of subnets to add, of the form: { cidr: ..., az: ... }. az is the desired availability zone of the subnet, but it is not required. All VPC subnets not in this list will be removed.

validate_certs
    required: no, default: yes, choices: yes, no
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0. (added in Ansible 1.5)

vpc_id
    required: no
    A VPC id to terminate when state=absent.

wait
    required: no, default: no, choices: yes, no
    Wait for the VPC to be in state 'available' before returning.

wait_timeout
    required: no, default: 300
    How long before wait gives up, in seconds.

Note

Requires boto

Examples


# Note: None of these examples set aws_access_key or aws_secret_key.
# It is assumed that their matching environment variables are set.

# Basic creation example:
- local_action:
    module: ec2_vpc
    state: present
    cidr_block: 172.23.0.0/16
    region: us-west-2

# Full creation example with subnets and optional availability zones.
# The absence or presence of subnets deletes or creates them respectively.
- local_action:
    module: ec2_vpc
    state: present
    cidr_block: 172.22.0.0/16
    subnets:
      - cidr: 172.22.1.0/24
        az: us-west-2c
      - cidr: 172.22.2.0/24
        az: us-west-2b
      - cidr: 172.22.3.0/24
        az: us-west-2a
    internet_gateway: True
    route_tables:
      - subnets:
          - 172.22.2.0/24
          - 172.22.3.0/24
        routes:
          - dest: 0.0.0.0/0
            gw: igw
      - subnets:
          - 172.22.1.0/24
        routes:
          - dest: 0.0.0.0/0
            gw: igw
    region: us-west-2
  register: vpc

# Removal of a VPC by id
- local_action:
    module: ec2_vpc
    state: absent
    vpc_id: vpc-aaaaaaa
    region: us-west-2
# If you have added elements not managed by this module, e.g. instances, NATs, etc. then
# the delete will fail until those dependencies are removed.
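
A pre-flight check for ec2_vpc task arguments, as an added example that is not part of the original module documentation: it flags validate_certs being off, credentials set in the task, subnets outside cidr_block, subnets with a default route through igw, and subnets left off every route_tables entry (which attach to the main route table implicitly). The names audit_ec2_vpc, truthy and SAMPLE_ARGS are hypothetical, and the sample arguments are constructed from the full creation example.

```python
import ipaddress

# Constructed sample: the page's full creation example with validate_certs
# turned off and the route table for 172.22.1.0/24 left out.
SAMPLE_ARGS = {
    "state": "present", "cidr_block": "172.22.0.0/16", "region": "us-west-2",
    "validate_certs": "no", "internet_gateway": True,
    "subnets": [{"cidr": "172.22.1.0/24", "az": "us-west-2c"},
                {"cidr": "172.22.2.0/24", "az": "us-west-2b"},
                {"cidr": "172.22.3.0/24", "az": "us-west-2a"}],
    "route_tables": [{"subnets": ["172.22.2.0/24", "172.22.3.0/24"],
                      "routes": [{"dest": "0.0.0.0/0", "gw": "igw"}]}],
}

def truthy(value):
    """Interpret Ansible-style booleans (yes/no, True/False)."""
    return str(value).strip().lower() in ("yes", "true", "1", "on")

def audit_ec2_vpc(args):
    """Hypothetical helper: return sorted (check, detail) findings for ec2_vpc args."""
    findings = []
    vpc = ipaddress.ip_network(args["cidr_block"])
    subnets = [ipaddress.ip_network(s["cidr"]) for s in args.get("subnets", [])]
    if not truthy(args.get("validate_certs", "yes")):
        findings.append(("tls", "validate_certs is off; SSL certificates are not validated"))
    for key in ("aws_access_key", "aws_secret_key"):
        if args.get(key):
            findings.append(("inline-credential", key + " is set in the task itself"))
    for net in subnets:
        if not net.subnet_of(vpc):
            findings.append(("cidr", "%s is outside the VPC block %s" % (net, vpc)))
    associated = set()
    for table in args.get("route_tables", []):
        members = [ipaddress.ip_network(s) for s in table.get("subnets", [])]
        associated.update(members)
        for route in table.get("routes", []):
            if route["gw"] != "igw":
                continue  # instance-id gateways are not assessed here
            if not truthy(args.get("internet_gateway", "no")):
                findings.append(("route", "gw: igw used but internet_gateway is off"))
            if ipaddress.ip_network(route["dest"]).prefixlen == 0:
                findings.extend(("public-subnet", "%s has a default route via igw" % n)
                                for n in members)
    # Subnets with no explicit association attach to the main route table.
    findings.extend(("main-table", "%s is not in any route_tables entry" % n)
                    for n in subnets if n not in associated)
    return sorted(findings)

if __name__ == "__main__":
    for check, detail in audit_ec2_vpc(SAMPLE_ARGS):
        print("%-18s %s" % (check, detail))
```

The public-subnet findings are informational: the page's own full creation example produces three of them, since every subnet there routes 0.0.0.0/0 through igw.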