create stacks with more generic role things
[awsible] / roles / module-aws-stack / tasks / main.yml
1 ---
2 - assert:
3 that:
4 - module != ''
5 - zone in ('pub', 'priv')
6 - sg_rules is defined
7 - elb_type|default('') in ('', 'internal', 'internet-facing')
8 tags: ['check_vars']
# Collect the subnets of the target VPC whose "zone" tag equals the requested
# zone; the result is registered for the ELB task further down.
# NOTE(review): the same zone value is used whatever elb_type is, so the ELB
# scheme and the subnet tier are not cross-checked here - confirm the
# intended pairing (e.g. internet-facing ELB with zone 'priv').
- name: determine subnets for ELB
  register: elb_subnet_ids
  ec2_vpc_subnet_facts:
    filters:
      "tag:zone": "{{ zone }}"
      vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
# Ensure an IAM role named after the module exists.
# Only name, type and state are passed: this task attaches no policy.
# NOTE(review): whatever grants this role its permissions lives outside this
# file - confirm those grants are scoped per module (least privilege).
- name: module IAM role
  iam:
    state: present
    iam_type: role
    name: "{{ module }}"
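# Security group for the module's ELB, named <module>-int-elb or
# <module>-ext-elb depending on elb_type.
- name: module ELB securitygroup
  # The variable check at the top of this file accepts elb_type == '' as
  # "no ELB". "is defined" alone would still run this task for '' and, since
  # '' != 'internal', create an "-ext-elb" group; gate on a non-empty value.
  when: "elb_type|default('') != ''"
  ec2_group:
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    state: present
    name: "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    description: "sg for {{ (elb_type == 'internal')|ternary('internal', 'external') }} elb for {{ module }}"
    # purge_rules false: ingress rules already on the group but missing from
    # elb_rules are kept, so deleting a rule from elb_rules does not revoke
    # it in AWS - stale access has to be removed separately.
    purge_rules: false
    rules: "{{ elb_rules }}"
    # Egress is unrestricted: every protocol to any IPv4 destination.
    rules_egress:
      - proto: all
        cidr_ip: 0.0.0.0/0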
# Security group for the module itself; its result is registered as
# sg_module so the launch configuration include can reference the group id.
- name: module securitygroup
  register: sg_module
  ec2_group:
    name: "{{ module }}"
    description: "{{ module }} rules"
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    state: present
    rules: "{{ sg_rules }}"
    # Ingress rules present on the group but absent from sg_rules are left
    # alone, so removing an entry from sg_rules does not close that access
    # in AWS.
    purge_rules: false
    # All protocols to any IPv4 address: outbound traffic is not filtered.
    rules_egress:
      - cidr_ip: 0.0.0.0/0
        proto: all
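# Classic ELB for the module, placed in the subnets found by the subnet
# lookup and attached (by name) to the ELB security group created above.
- name: module ELB
  # elb_type == '' passes the variable check at the top of this file as
  # "no ELB", so require a non-empty value; "is defined" alone would try to
  # build a load balancer with scheme ''.
  when: "elb_type|default('') != ''"
  ec2_elb_lb:
    region: "{{ vpc_region }}"
    state: present
    name: "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    cross_az_load_balancing: true
    # 'internal' or 'internet-facing'; the latter exposes the listeners
    # publicly.
    scheme: "{{ elb_type }}"
    # An empty list is passed if the lookup returned no "subnets" key.
    subnets: "{{ elb_subnet_ids.subnets|default([])|map(attribute='id')|list }}"
    # Must stay identical to the name used by the ELB security group task.
    security_group_names:
      - "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    # NOTE(review): listener protocols and certificates come from
    # elb_listeners, which is not visible here - confirm internet-facing
    # listeners use TLS.
    listeners: "{{ elb_listeners }}"
    health_check: "{{ elb_healthcheck }}"
  register: loadbalancer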
# Build the launch configuration with three security groups: SSH, ICMP and
# the module group registered above as sg_module.
# NOTE(review): sg_ssh and sg_icmp are not registered in this file -
# presumably created by an earlier role; verify they exist before this runs
# and that the SSH group's source ranges are restricted.
- vars:
    security_group_ids:
      - "{{ sg_ssh.group_id }}"
      - "{{ sg_icmp.group_id }}"
      - "{{ sg_module.group_id }}"
  include_role:
    name: launchconfig
# Create the autoscaling group, handing over the ELB name taken from the
# registered "module ELB" result.
# NOTE(review): when the ELB task is skipped the result has no elb name and
# default(omit) is relied on to drop the parameter - confirm this behaves as
# intended through include_role vars on the Ansible version in use.
- vars:
    load_balancers: "{{ loadbalancer.elb.name|default(omit) }}"
  include_role:
    name: autoscalinggroup