receive_message_wait_time: 0
register: management_failure_queue
-- debug:
- var: management_failure_queue
+# as of Ansible 2.2.1.0 sqs_queue does not seem to be returning queue_arn
- name: Managment queue.
sqs_queue:
purge_subscriptions: False
register: management_notice_topic
-# - name: Ensure management backup bucket exists.
-# s3_bucket:
-# when: MANAGEMENT_BACKUP_S3_BUCKET is defined
-# state: present
-# name: "{{ MANAGEMENT_BACKUP_S3_BUCKET }}"
+- name: Management backup bucket
+ when: MANAGEMENT_BACKUP_S3_BUCKET is defined
+ s3_bucket:
+ state: present
+ name: "{{ MANAGEMENT_BACKUP_S3_BUCKET }}"
- name: sg ssh
ec2_group:
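Review bot: The new `Management backup bucket` task passes only `state` and `name` to `s3_bucket`, so the bucket is created without versioning and without a bucket policy. For a bucket meant to hold management backups I would add `versioning: yes` so an overwritten or deleted backup can be recovered, and a `policy:` that limits access to the management role. The `ec2_*` tasks visible on this page pass `region: "{{ vpc_region }}"`, but this task does not, so the bucket's region depends on the environment the play runs in. Adding the same line would pin it.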
group_name: management-elb
register: sg_management
-- debug:
- var: sg_management
-
- name: elb management-int-elb
ec2_elb_lb:
region: "{{ vpc_region }}"
iam_type: role
state: present
+# this is only ansible 2.3+
+# - name: management role policies
+# iam_role:
+# name: management
+# state: present
+# managed_policy:
+# - arn:aws:iam::{{ ACCT_ID }}:policy/base-policy
+# - arn:aws:iam::{{ ACCT_ID }}:policy/management-policy
+
+# will need to rev name-version when changing AMI
- name: management lc
ec2_lc:
region: "{{ vpc_region }}"
- "{{ sg_ssh.group_id }}"
instance_type: m4.large
volumes:
- - device_name: /dev/sda1
- volume_size: 8
- volume_type: gp2
- delete_on_termination: true
+# setting the root volume seems to prevent instances from launching
+# - device_name: /dev/sda1
+# volume_size: 8
+# volume_type: gp2
+# delete_on_termination: true
- device_name: /dev/sdb
ephemeral: ephemeral0
- device_name: /dev/sdc
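Review bot: The comment added above the disabled `/dev/sda1` mapping records the symptom but not its consequence. With the mapping commented out, the root volume's size, type and `delete_on_termination` presumably come from the AMI's own block device mapping rather than from this launch configuration. I would say so in the comment, for example `# root volume left to the AMI's defaults (size, type, delete_on_termination); an explicit /dev/sda1 mapping stopped instances launching`. If the AMI's root device is not named `/dev/sda1`, that mismatch may be the cause and is worth checking before the block is restored. The `volumes:` list starts and ends outside this hunk.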
ephemeral: ephemeral3
register: mgmt_lc
-- debug:
- var: mgmt_lc
-
- name: management asg
ec2_asg:
region: "{{ vpc_region }}"
min_size: 1
max_size: 1
desired_capacity: 1
+ default_cooldown: 10
vpc_zone_identifier: "{{ MANAGEMENT_SUBNET }}"
launch_config_name: "{{ mgmt_lc.name }}"
notification_topic: "{{ management_topic.sns_arn }}"
- management-int-elb
tags:
- module: management
- propogate_at_launch: yes
+ propagate_at_launch: yes
+- name: not implemented yet
+ debug:
+ msg: |
+ attach policies to iam role
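Review bot: The `not implemented yet` task added at the end is only a `debug` message, so the play finishes successfully while the policy attachment it mentions has not happened. As far as the visible tasks show, nothing else in this file attaches policies to the management role. I would name the task after the missing step and the intended policies so the manual follow-up is unambiguous, e.g. `- name: "TODO: attach base-policy and management-policy to the management role (iam_role, Ansible 2.3+)"`. Those policy names are taken from the commented-out `iam_role` block earlier in this diff. The `ec2_asg` task before it starts outside this hunk.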