-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathprepare_aws_environment.yml
123 lines (108 loc) · 3.54 KB
/
prepare_aws_environment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
---
- name: Create AWS resources
hosts: localhost
connection: local
gather_facts: false
module_defaults:
group/aws:
region: us-east-1
tags:
function: lightspeed-demo
tasks:
# Check for controller job template _SANDBOX_ID var or terminal env var
- name: Check if this is Instruqt environment
ansible.builtin.set_fact:
__sandbox_id: "{{ _SANDBOX_ID | default(lookup('ansible.builtin.env', '_SANDBOX_ID')) }}"
- name: Create EC2 key pair in Instruqt environment
when: __sandbox_id | length > 0
block:
# Evaluates to true if running from the terminal
- name: Check if ~/.ssh/instruqt_lab exists
ansible.builtin.stat:
path: ~/.ssh/instruqt_lab
register: __instruqt_ssh_key
- name: Create keypair called lightspeed-keypair from instruqt_lab.pub key
amazon.aws.ec2_key:
name: lightspeed-keypair
key_material: "{{ lookup('ansible.builtin.file', '~/.ssh/instruqt_lab.pub') }}"
when: __instruqt_ssh_key.stat.exists
register: ec2_key
- name: Create files folder
ansible.builtin.file:
path: files
state: directory
mode: '0755'
when: __instruqt_ssh_key.stat.exists
- name: Copy instruqt_lab key to files folder
ansible.builtin.copy:
src: ~/.ssh/instruqt_lab
dest: files/aws_demo_ssh_key
mode: '0600'
when: __instruqt_ssh_key.stat.exists
- name: Create files folder
ansible.builtin.file:
state: directory
path: files
mode: '0755'
- name: Create key pair called lightspeed-keypair
amazon.aws.ec2_key:
name: lightspeed-keypair
register: ec2_key
when: __sandbox_id | length == 0
notify:
- Save private key file
- name: Create VPC named vpc-lightspeed
amazon.aws.ec2_vpc_net:
name: vpc-lightspeed
cidr_block: 10.0.0.0/16
tags:
Name: vpc-lightspeed
state: present
register: ec2_vpc_net
- name: Create vpc_id var
ansible.builtin.set_fact:
vpc_id: "{{ ec2_vpc_net.vpc.id }}"
- name: Create security group named secgroup-lightspeed in vpc-lightspeed vpc
amazon.aws.ec2_security_group:
name: secgroup-lightspeed
description: SSH access
vpc_id: "{{ vpc_id }}"
state: present
rules:
- proto: tcp
ports:
- 22
cidr_ip: 0.0.0.0/0
rule_desc: allow all on ssh port
register: secgroup_lightspeed
- name: Create subnet with 10.0.1.0/24 cidr called subnet-lightspeed
amazon.aws.ec2_vpc_subnet:
vpc_id: "{{ vpc_id }}"
cidr: 10.0.1.0/24
az: us-east-1a
state: present
tags:
Name: subnet-lightspeed
register: subnet_lightspeed
- name: Create internet gateway
amazon.aws.ec2_vpc_igw:
vpc_id: "{{ vpc_id }}"
tags:
Name: gateway-lightspeed
state: present
register: igw
- name: Create public route table
amazon.aws.ec2_vpc_route_table:
vpc_id: "{{ vpc_id }}"
subnets:
- "{{ subnet_lightspeed.subnet.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: "{{ igw.gateway_id }}"
register: public_route_table
handlers:
- name: Save private key file
ansible.builtin.copy:
content: "{{ ec2_key.key.private_key }}"
dest: "files/lightspeed-keypair.pem"
mode: '0600'