From 8340a2a2e78ba728ab0aa82973477bb9d8e38c40 Mon Sep 17 00:00:00 2001
From: Justin Wind
Date: Tue, 7 Mar 2017 15:03:40 -0800
Subject: [PATCH] add initial vpc buildout role
---
roles/aws-vpc/tasks/main.yml | 72 ++++++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 roles/aws-vpc/tasks/main.yml
diff --git a/roles/aws-vpc/tasks/main.yml b/roles/aws-vpc/tasks/main.yml
new file mode 100644
index 0000000..26a75ae
--- /dev/null
+++ b/roles/aws-vpc/tasks/main.yml
@@ -0,0 +1,72 @@
+---
+- name: VPC
+ ec2_vpc_net:
+ state: present
+ name: "{{ vpc_name }}"
+ cidr_block: "{{ vpc_cidr }}"
+ region: "{{ vpc_region }}"
+ register: vpc
+
+- name: IGW
+ ec2_vpc_igw:
+ state: present
+ vpc_id: "{{ vpc.vpc.id }}"
+ region: "{{ vpc_region }}"
+ register: igw
+
+- name: Name IGW
+ ec2_tag:
+ state: present
+ resource: "{{ igw.gateway_id }}"
+ region: "{{ vpc_region }}"
+ tags:
+ Name: "igw-{{ vpc_region }}"
+
+- name: Subnets
+ with_items: "{{ subnets_pub + subnets_priv }}"
+ ec2_vpc_subnet:
+ state: present
+ vpc_id: "{{ vpc.vpc.id }}"
+ region: "{{ vpc_region }}"
+ cidr: "{{ item.cidr }}"
+ az: "{{ item.az }}"
+ tags: "{{ item.resource_tags }}"
+
+- name: Access/NAT EIP
+ ec2_eip:
+ in_vpc: yes
+ region: "{{ vpc_region }}"
+ reuse_existing_ip_allowed: yes
+ register: access_eip
+
+- name: Private route table
+ ec2_vpc_route_table:
+ state: present
+ vpc_id: "{{ vpc.vpc.id }}"
+ region: "{{ vpc_region }}"
+ tags:
+ Name: "Private-Routes-vpc-{{ vpc_region }}"
+ zone: priv
+ managed: 'yes'
+ subnets: "{{ subnets_priv|map(attribute='cidr')|list }}"
+ register: private_rt
+
+- name: Public route table
+ ec2_vpc_route_table:
+ state: present
+ vpc_id: "{{ vpc.vpc.id }}"
+ region: "{{ vpc_region }}"
+ tags:
+ Name: "Public-Routes-vpc-{{ vpc_region }}"
+ zone: pub
+ managed: 'no'
+ subnets: "{{ subnets_pub|map(attribute='cidr')|list }}"
+ routes:
+ - dest: 0.0.0.0/0
+ gateway_id: "{{ igw.gateway_id }}"
+ register: public_rt
+
+- name: not implemented yet
+ debug:
+ msg: |
+ Change pub-subnets to auto-assign external IPs
--
2.43.2
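Review bot: The `Access/NAT EIP` task sets `reuse_existing_ip_allowed: yes` without a `device_id`, which as far as I know makes `ec2_eip` return any unassociated VPC address in the region rather than one reserved for this VPC. In a shared account that can bind the access/NAT identity to an address another system already holds for allowlisting. Nothing in this file consumes `access_eip` yet and the private route table has no default route, so the intended use is not visible here; I would add a comment above the task such as `# reuse_existing_ip_allowed takes any free VPC EIP in the region; pin the allocation before anything allowlists it`. Separately, `in_vpc: yes` and `reuse_existing_ip_allowed: yes` are better written as `true`, so the booleans do not depend on YAML 1.1 truthy parsing.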