create stacks with more generic role things

[awsible] / roles / common-infrastructure / tasks / main.yml

diff --git a/roles/common-infrastructure/tasks/main.yml b/roles/common-infrastructure/tasks/main.yml
index 6d40a647d3d161f58b18dc4eaea3eb7041db05c9..c3495bca78eb010105cd3a3d389c4273190efebe 100644 (file)
--- a/roles/common-infrastructure/tasks/main.yml
+++ b/roles/common-infrastructure/tasks/main.yml
@@ -1,5 +1,7 @@
 ---
 - name: sg ssh
+  delegate_to: localhost
+  become: no
   ec2_group:
     vpc_id: "{{ vpc.vpc.id }}"
     region: "{{ vpc_region }}"
@@ -16,3 +18,23 @@
     - proto: all
       cidr_ip: 0.0.0.0/0
   register: sg_ssh
+
+- name: sg icmp
+  delegate_to: localhost
+  become: no
+  ec2_group:
+    vpc_id: "{{ vpc.vpc.id }}"
+    region: "{{ vpc_region }}"
+    state: present
+    name: icmp
+    description: "allow icmp from anywhere"
+    purge_rules: false
+    rules:
+    - proto: icmp
+      from_port: -1
+      to_port: -1
+      cidr_ip: 0.0.0.0/0
+    rules_egress:
+    - proto: all
+      cidr_ip: 0.0.0.0/0
+  register: sg_icmp