- action: ec2_facts - name: Managment queue. sqs_queue: state: present name: "{{ MANAGEMENT_EVENT_QUEUE }}" default_visibility_timeout: 30 message_retention_period: 345600 maximum_message_size: 262144 delivery_delay: 0 receive_message_wait_time: 20 - name: Management failure queue. sqs_queue: state: present name: "{{ MANAGEMENT_EVENT_FAILURE_QUEUE }}" default_visibility_timeout: 30 message_retention_period: 1209600 maximum_message_size: 262144 delivery_delay: 0 receive_message_wait_time: 0 - name: Management topic and subscription. sns_topic: state: present name: "{{ MANAGEMENT_EVENT_QUEUE }}" display_name: "management" purge_subscriptions: False subscriptions: - endpoint: "arn:aws:sqs:{{ ansible_ec2_placement_region }}:{{ ACCT_ID }}:{{ MANAGEMENT_EVENT_QUEUE }}" protocol: "sqs" - name: Ensure management backup bucket exists. s3_bucket: state: present when: MANAGEMENT_BACKUP_S3_BUCKET|defined name: "{{ MANAGEMENT_BACKUP_S3_BUCKET }}" - name: sg ssh ec2_group: state: present name: sshOnly description: "allow ssh from anywhere" purge_rules: false rules: - proto: tcp from_port: 22 to_port: 22 cidr_ip: 0.0.0.0/0 rules_egress: - proto: all cidr_ip: 0.0.0.0/0 - name: sg management-elb ec2_group: state: present name: management-elb description: "sg for internal elb for monitoring management" purge_rules: false rules: - proto: tcp from_port: 22 to_port: 22 cidr_ip: 0.0.0.0/0 rules_egress: - proto: all cidr_ip: 0.0.0.0/0 - name: sg management ec2_group: state: present name: management description: "sg for management" purge_rules: false rules: - proto: all group_name: management - proto: all group_name: management-elb - name: elb management-int-elb ec2_elb_lb: state: present name: management-int-elb cross_az_load_balancing: yes scheme: internal subnets: "{{ MANAGEMENT_SUBNET }}" security_group_names: - management-elb listeners: - protocol: tcp load_balancer_port: 22 instance_port: 22 health_check: ping_protocol: tcp ping_port: 22 response_timeout: 5 interval: 30 unhealthy_threshold: 2 healthy_threshold: 2