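---
# Provisions the AWS resources for one "module": an IAM role, security
# groups, an optional ELB, then the launchconfig and autoscalinggroup roles.
#
# Variables read by this file: module, zone, vpc, vpc_region, sg_rules,
# sg_ssh, sg_icmp, and, when an ELB is requested, elb_type, elb_rules,
# elb_listeners and elb_healthcheck.

- name: validate input variables
  assert:
    that:
      - module != ''
      - zone in ('pub', 'priv')
      - sg_rules is defined
      - elb_type|default('') in ('', 'internal', 'internet-facing')
      # Fail here, rather than halfway through provisioning, when an ELB is
      # requested without the variables its tasks dereference.
      - >-
        elb_type|default('') == ''
        or (elb_rules is defined
        and elb_listeners is defined
        and elb_healthcheck is defined)
  tags: ['check_vars']

# The ELB is attached to the subnets tagged with the same zone as the module.
# NOTE(review): nothing here stops elb_type 'internet-facing' from being
# combined with zone 'priv'; confirm that combination is intended.
# NOTE(review): ec2_vpc_subnet_facts was renamed ec2_vpc_subnet_info in later
# Ansible releases; kept as-is to match the Ansible version this file targets.
- name: determine subnets for ELB
  ec2_vpc_subnet_facts:
    region: "{{ vpc_region }}"
    filters:
      vpc_id: "{{ vpc.vpc.id }}"
      "tag:zone": "{{ zone }}"
  register: elb_subnet_ids

# Only the role itself is created; no policy is attached in this file.
- name: module IAM role
  iam:
    name: "{{ module }}"
    iam_type: role
    state: present

# The assert above accepts an empty elb_type as "no ELB", so the ELB tasks
# test for a non-empty value instead of `is defined`. Previously a defined
# but empty elb_type still created this group and then reached the ELB task
# with an empty scheme.
- name: module ELB securitygroup
  when: elb_type|default('') != ''
  ec2_group:
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    state: present
    name: "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    description: "sg for {{ (elb_type == 'internal')|ternary('internal', 'external') }} elb for {{ module }}"
    # With purging off, ingress rules later removed from elb_rules stay on
    # the live group; audit the group itself when tightening access.
    purge_rules: false
    rules: "{{ elb_rules }}"
    # Egress is unrestricted (all protocols, any destination).
    rules_egress:
      - proto: all
        cidr_ip: '0.0.0.0/0'

- name: module securitygroup
  ec2_group:
    vpc_id: "{{ vpc.vpc.id }}"
    region: "{{ vpc_region }}"
    state: present
    name: "{{ module }}"
    description: "{{ module }} rules"
    # With purging off, ingress rules later removed from sg_rules stay on
    # the live group; audit the group itself when tightening access.
    purge_rules: false
    rules: "{{ sg_rules }}"
    # Egress is unrestricted (all protocols, any destination).
    rules_egress:
      - proto: all
        cidr_ip: '0.0.0.0/0'
  register: sg_module

- name: module ELB
  when: elb_type|default('') != ''
  ec2_elb_lb:
    region: "{{ vpc_region }}"
    state: present
    name: "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    cross_az_load_balancing: true
    scheme: "{{ elb_type }}"
    subnets: "{{ elb_subnet_ids.subnets|default([])|map(attribute='id')|list }}"
    # Must match the name given to the ELB security group task above.
    security_group_names:
      - "{{ module }}-{{ (elb_type == 'internal')|ternary('int', 'ext') }}-elb"
    listeners: "{{ elb_listeners }}"
    health_check: "{{ elb_healthcheck }}"
  register: loadbalancer

# sg_ssh and sg_icmp are not registered in this file; presumably an earlier
# play or role provides them (verify against the caller).
- name: create launch configuration
  include_role:
    name: launchconfig
  vars:
    security_group_ids:
      - "{{ sg_ssh.group_id }}"
      - "{{ sg_icmp.group_id }}"
      - "{{ sg_module.group_id }}"

# When the ELB task was skipped, `loadbalancer` has no `elb` key and the
# default(omit) fallback is used instead of a load balancer name.
- name: create autoscaling group
  include_role:
    name: autoscalinggroup
  vars:
    load_balancers: "{{ loadbalancer.elb.name|default(omit) }}"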