dereferensing ec2_vpc_route_table_facts
22 views
Skip to first unread message
SN
Nov 16, 2017, 2:58:26 PM11/16/17
to Ansible Project
Hey gang. Need some help. I tried multiple ways, nothing seem to work exactly as i need/expect.
I think my question could be generalized better, but let me try it with my exact use case.
So, for a given VPC, i need to add s3 endpoint to every single route table.
The ec2_vpc_endpoint should accept a list of route_table_ids, but for the life of me i can not get them fom ec2_vpc_route_table_facts.
I tried dumping them into a variable, etc -- nothing seems to work
In the example below, i do get that list and iterate over it -- which creates multiple vpc endpoints. I need one endpoint, added to multiple route tables.
Any suggestions of how to specify route_table_ids from the ec2_vpc_route_table_facts?
Help would be greatly appretiated.
---
- name: if craated new vpc, use it ID
set_fact: VPC_ID="{{CREATED_VPC_ID}}"
when: CREATED_VPC_ID is defined
- name: Get list of all of the routetables in the vpc
ec2_vpc_route_table_facts:
filters:
vpc-id: "{{VPC_ID}}"
aws_access_key: "{{AWS_ACCESS_KEY}}"
aws_secret_key: "{{AWS_SECRET_KEY}}"
region: "{{ec2_region}}"
validate_certs: no
register: vpc_rtbs
#- debug: var=vpc_rtbs
- set_fact:
rtbs_ids: "{{vpc_rtbs.route_tables}}"
- debug: var="{{item}}"
with_items: vpc_rtbs.route_tables
- name: Create VPC Endpoint
ec2_vpc_endpoint:
aws_access_key: "{{AWS_ACCESS_KEY}}"
aws_secret_key: "{{AWS_SECRET_KEY}}"
state: present
region: "{{ec2_region}}"
vpc_id: "{{VPC_ID}}"
service: "com.amazonaws.{{ec2_region}}.s3"
route_table_ids: "{{item.id}}"
with_items: "{{vpc_rtbs.route_tables}}"
register: new_vpc_endpoint
Sergey Nemirovsky
Nov 27, 2017, 3:22:53 PM11/27/17
to Ansible Project
To close the lop on this.. this was the solution that worked.
---
- include_vars: "{{CONF_DIR}}/auth/AWS/{{account}}.yml"
---
- include_vars: "{{CONF_DIR}}/auth/AWS/{{account}}.yml"
- name: if craated new vpc, use it ID
set_fact: VPC_ID="{{CREATED_VPC_ID}}"
when: CREATED_VPC_ID is defined
- name: Get list of all of the routetables in the vpc
ec2_vpc_route_table_facts:
filters:
vpc-id: "{{VPC_ID}}"
aws_access_key: "{{AWS_ACCESS_KEY}}"
aws_secret_key: "{{AWS_SECRET_KEY}}"
region: "{{ec2_region}}"
validate_certs: no
register: vpc_rtbs
- debug: var=vpc_rtbs
- set_fact:
route_table_ids: "{{ vpc_rtbs.route_tables|map(attribute='id')|list }}"
- set_fact:
route_table_ids: "{{ vpc_rtbs.route_tables|map(attribute='id')|list }}"
#- debug: var=vpc_rtbs
- set_fact:
rtbs_ids: "{{vpc_rtbs.route_tables}}"
- debug: var="{{item}}"
with_items: vpc_rtbs.route_tables
- name: Create VPC Endpoint
ec2_vpc_endpoint:
aws_access_key: "{{AWS_ACCESS_KEY}}"
aws_secret_key: "{{AWS_SECRET_KEY}}"
state: present
region: "{{ec2_region}}"
vpc_id: "{{VPC_ID}}"
service: "com.amazonaws.{{ec2_region}}.s3"
route_table_ids: "{{route_table_ids}}"
# with_items: "{{vpc_rtbs.route_tables}}"
register: new_vpc_endpoint
# with_items: "{{vpc_rtbs.route_tables}}"
register: new_vpc_endpoint
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/tb6OeERyQhg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/10fae768-813b-40fd-8d75-228c4280d27a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Thank you
Sergey Nemirovsky
Reply all
Reply to author
Forward
0 new messages