---
# VPC that every later task in this file attaches to (via the registered `vpc` fact).
- name: Create VPC
  amazon.aws.ec2_vpc_net:
    name: '{{ aws_vpc_name }}'
    cidr_block: '{{ aws_vpc_cidr }}'
    region: '{{ aws_region }}'
    state: present
    tags:
      Name: "vpc_{{ project_name }}"
      project: "{{ project_name }}"
      # Wall-clock stamp of this run. It is re-evaluated on every play, so the
      # tag value changes each time and the task is likely to report `changed`
      # on re-runs; set the value once with set_fact if idempotency matters.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  # `vpc.vpc.id` is consumed by the IGW, subnet and route-table tasks below.
  register: vpc
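# Internet gateway for the VPC created above; `igw.gateway_id` is the target
# of the 0.0.0.0/0 routes installed by the route-table tasks further down.
- name: Create an Internet Gateway to connect VPC to Internet
  community.aws.ec2_vpc_igw:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    # Pin the region explicitly, as the VPC and subnet tasks do. Without it the
    # module falls back to the ambient AWS region configuration, which may not
    # be the region the VPC was created in.
    region: "{{ aws_region }}"
    tags:
      Name: "igw_{{ project_name }}"
      project: "{{ project_name }}"
      # Run timestamp; re-evaluated every play, so expect `changed` on re-runs.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  register: igw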
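# Internet-facing subnet. Anything launched here receives a public IPv4 address
# by default, so only place hosts that are meant to be reachable from the
# Internet (and guard them with security groups) in this subnet.
- name: Create Public_Subnet
  amazon.aws.ec2_vpc_subnet:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    cidr: "{{ aws_public_subnet_cidr }}"
    region: "{{ aws_region }}"
    # Auto-assign a public IP on launch. Written as a canonical YAML boolean
    # rather than `yes` (yamllint `truthy`); Ansible treats both the same.
    map_public: true
    tags:
      Name: Public_Subnet
      project: "{{ project_name }}"
      # Run timestamp; re-evaluated every play, so expect `changed` on re-runs.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  # `subnet_public.subnet.id` is associated with RT_Public below.
  register: subnet_public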
# Second subnet in the same VPC. `map_public` is not set here, so this task
# relies on the module default for public-IP assignment (presumably off —
# confirm against the installed amazon.aws version).
- name: Create Private_Subnet
  amazon.aws.ec2_vpc_subnet:
    cidr: '{{ aws_private_subnet_cidr }}'
    vpc_id: '{{ vpc.vpc.id }}'
    region: '{{ aws_region }}'
    state: present
    tags:
      Name: Private_Subnet
      project: "{{ project_name }}"
      # Run timestamp; re-evaluated every play, so expect `changed` on re-runs.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  # `subnet_private.subnet.id` is associated with RT_Private below.
  register: subnet_private
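# Route table for the public subnet: default route straight to the IGW, which
# is what makes Public_Subnet "public".
- name: Create Public Route Table; Add Route from VPC to Internet Gateway
  community.aws.ec2_vpc_route_table:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    # Explicit region for consistency with the VPC/subnet tasks; otherwise the
    # module uses the ambient AWS region configuration.
    region: "{{ aws_region }}"
    subnets:
      - "{{ subnet_public.subnet.id }}"
    routes:
      # Default route to the Internet via the IGW created earlier.
      - dest: 0.0.0.0/0
        gateway_id: "{{ igw.gateway_id }}"
    tags:
      Name: RT_Public
      project: "{{ project_name }}"
      # Run timestamp; re-evaluated every play, so expect `changed` on re-runs.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  register: rt_public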
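# Route table for Private_Subnet.
#
# SECURITY NOTE(review): the default route below points at the Internet
# Gateway, exactly like RT_Public. That makes this subnet "private" in name
# only: any instance in it that is given a public or Elastic IP is directly
# reachable from the Internet. A genuinely private subnet should send
# 0.0.0.0/0 to a NAT gateway (or to the vMX instance once it exists, per the
# commented route) rather than to the IGW. The IGW route is kept here so the
# current behaviour is unchanged until that gateway is provisioned.
- name: Create Private Route Table
  community.aws.ec2_vpc_route_table:
    # `state` and `region` were missing here while every other task sets them;
    # added for consistency and so the table is created in the VPC's region.
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ aws_region }}"
    subnets:
      - "{{ subnet_private.subnet.id }}"
    routes:
      # TODO(security): replace the IGW with a NAT gateway / the vMX instance.
      - dest: 0.0.0.0/0
        gateway_id: "{{ igw.gateway_id }}"
      # Update this with the other VPN networks after the vMX is created, e.g.:
      # - dest: 192.168.0.0/16
      #   instance_id: "{{ vmx.instance_id }}"
    tags:
      Name: RT_Private
      project: "{{ project_name }}"
      # Run timestamp; re-evaluated every play, so expect `changed` on re-runs.
      started: "{{ '%Y-%m-%dT%H:%M:%S-%Z' | strftime }}"
  register: rt_private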