further progress on infrastructure buildout

[awsible] / roles / aws-vpc-infrastructure / tasks / main.yml

---
- assert:
    that:
    - vpc_region != ''
    - vpc_subnets_pub != ''
    - vpc_subnets_priv != ''
  tags: ['check_vars']

- name: IGW
  ec2_vpc_igw:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
  register: igw

- name: Name IGW
  ec2_tag:
    state: present
    resource: "{{ igw.gateway_id }}"
    region: "{{ vpc_region }}"
    tags:
      Name: "igw-{{ vpc_region }}"

- name: Subnets
  with_items: "{{ vpc_subnets_pub + vpc_subnets_priv }}"
  ec2_vpc_subnet:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    cidr: "{{ item.cidr }}"
    az: "{{ item.az }}"
    tags: "{{ item.resource_tags }}"

- name: Access/NAT EIP
  ec2_eip:
    in_vpc: yes
    region: "{{ vpc_region }}"
    reuse_existing_ip_allowed: yes
  register: access_eip

- name: Private route table
  ec2_vpc_route_table:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    tags:
      Name: "Private-Routes-vpc-{{ vpc_region }}"
      zone: priv
      managed: 'yes'
    subnets: "{{ vpc_subnets_priv|map(attribute='cidr')|list }}"
  register: private_rt

- name: Public route table
  ec2_vpc_route_table:
    state: present
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    tags:
      Name: "Public-Routes-vpc-{{ vpc_region }}"
      zone: pub
      managed: 'no'
    subnets: "{{ vpc_subnets_pub|map(attribute='cidr')|list }}"
    routes:
      - dest: 0.0.0.0/0
        gateway_id: "{{ igw.gateway_id }}"
  register: public_rt

- name: not implemented yet
  debug:
    msg: |
      Change pub-subnets to auto-assign external IPs