Puppet Class: psick::aws::puppet::vpc

Defined in:
manifests/aws/puppet/vpc.pp

Overview

Set up a VPC

Parameters:

  • region (String) (defaults to: $::psick::aws::region)
  • ensure (String) (defaults to: 'present')
  • default_cidr_block_prefix (String) (defaults to: $::psick::aws::default_cidr_block_prefix)
  • default_vpc_name (String) (defaults to: $::psick::aws::default_vpc_name)
  • create_defaults (Boolean) (defaults to: $::psick::aws::create_defaults)
  • ec2_vpcs (Hash) (defaults to: { })
  • ec2_vpc_subnets (Hash) (defaults to: { })
  • ec2_vpc_routetables (Hash) (defaults to: { })
  • ec2_vpc_internet_gateways (Hash) (defaults to: { })


# File 'manifests/aws/puppet/vpc.pp', line 2

# Manages an AWS VPC together with its subnets, route tables and internet
# gateways by feeding hashes to create_resources() for the ec2_vpc,
# ec2_vpc_subnet, ec2_vpc_routetable and ec2_vpc_internet_gateway types.
#
# When $create_defaults is true a default layout is merged in: one VPC
# ("${default_cidr_block_prefix}.0.0/16"), one internet gateway, one
# "public" route table and six /24 subnets (dmz, rds and mgmt, each in
# availability zones "a" and "b"). Only the dmz subnets are attached to the
# route table that has a 0.0.0.0/0 route via the internet gateway.
#
# @param region AWS region set on every managed resource; also used to build
#   the availability zone names ("${region}a", "${region}b").
# @param ensure Value passed as `ensure` to the managed resources. When it is
#   'absent', ordering between the resource types is added for removal.
# @param default_cidr_block_prefix Leading part of the default CIDR blocks;
#   ".0.0/16" or ".N.0/24" is appended to it, so it is expected to hold the
#   first two octets.
# @param default_vpc_name Title of the default VPC. Also the default `vpc` of
#   subnets, gateways and route tables, and the default `route_table` of
#   subnets.
# @param create_defaults Whether the default layout described above is added.
# @param ec2_vpcs Hash of ec2_vpc resources (title => parameters).
# @param ec2_vpc_subnets Hash of ec2_vpc_subnet resources.
# @param ec2_vpc_routetables Hash of ec2_vpc_routetable resources.
# @param ec2_vpc_internet_gateways Hash of ec2_vpc_internet_gateway resources.
class psick::aws::puppet::vpc (
  String $region                    = $::psick::aws::region,
  String $ensure                    = 'present',
  String $default_cidr_block_prefix = $::psick::aws::default_cidr_block_prefix,
  String $default_vpc_name          = $::psick::aws::default_vpc_name,
  Boolean $create_defaults          = $::psick::aws::create_defaults,

  Hash   $ec2_vpcs                  = { },
  Hash   $ec2_vpc_subnets           = { },
  Hash   $ec2_vpc_routetables       = { },
  Hash   $ec2_vpc_internet_gateways = { },

) {

  # Removal ordering: route tables first, then internet gateways, then
  # subnets, and the default VPC last.
  # The collectors with an empty query (<||>) match every resource of that
  # type in the catalog, not only the ones declared by this class, and they
  # also realize any virtual resources of those types.
  if $ensure == 'absent' {
    #lint:ignore:spaceship_operator_without_tag
    Ec2_vpc_routetable<||>
    -> Ec2_vpc_internet_gateway<||>
    -> Ec2_vpc_subnet<||>
    -> Ec2_vpc<|name == $default_vpc_name|>
    #   Ec2_vpc<||>
    #lint:endignore 
  }

  # Default resources, if enabled
  if $create_defaults {
    # NOTE(review): ensure is hard-coded to 'present' here, while the other
    # default resources follow $ensure. Because this entry takes precedence
    # over $ec2_vpcs_defaults, the default VPC is still declared present
    # when $ensure is 'absent'. Confirm that this is intended.
    $default_ec2_vpcs = {
      $default_vpc_name => {
        ensure       => 'present',
        region       => $region,
        cidr_block   => "${default_cidr_block_prefix}.0.0/16",
      },
    }

    # Internet gateway attached to the default VPC.
    $default_ec2_vpc_internet_gateways = {
      "${default_vpc_name}-igw" => {
        ensure       => $ensure,
        region       => $region,
        vpc          => $default_vpc_name,
      },
    }

    # Public route table: a default route (0.0.0.0/0) through the internet
    # gateway plus the local route for the VPC CIDR. Any subnet associated
    # with this table is reachable from, and can reach, the internet.
    $default_ec2_vpc_routetables = {
      "${default_vpc_name}-public" => {
        ensure       => $ensure,
        region       => $region,
        vpc          => $default_vpc_name,
        routes => [
          {
            destination_cidr_block => '0.0.0.0/0',
            gateway                => "${default_vpc_name}-igw",
          },{
            destination_cidr_block => "${default_cidr_block_prefix}.0.0/16",
            gateway                => 'local'
          },
        ],
      },
    }

    # Default subnets. Only the dmz subnets name the public route table.
    # The rds and mgmt subnets set no route_table, so they receive the
    # default from $ec2_vpc_subnets_defaults (a table named after the VPC).
    # NOTE(review): that is presumably the VPC's main route table, with no
    # internet route; verify before relying on rds/mgmt being private.
    $default_ec2_vpc_subnets = {
      "${default_vpc_name}_dmz_a" => {
        cidr_block        => "${default_cidr_block_prefix}.1.0/24",
        availability_zone => "${region}a",
        route_table       => "${default_vpc_name}-public",
      },
      "${default_vpc_name}_dmz_b" => {
        cidr_block        => "${default_cidr_block_prefix}.2.0/24",
        availability_zone => "${region}b",
        route_table       => "${default_vpc_name}-public",
      },
      "${default_vpc_name}_rds_a" => {
        cidr_block        => "${default_cidr_block_prefix}.41.0/24",
        availability_zone => "${region}a",
      },
      "${default_vpc_name}_rds_b" => {
        cidr_block        => "${default_cidr_block_prefix}.42.0/24",
        availability_zone => "${region}b",
      },
      "${default_vpc_name}_mgmt_a" => {
        cidr_block        => "${default_cidr_block_prefix}.11.0/24",
        availability_zone => "${region}a",
      },
      "${default_vpc_name}_mgmt_b" => {
        cidr_block        => "${default_cidr_block_prefix}.12.0/24",
        availability_zone => "${region}b",
      },
    }
  } else {
    $default_ec2_vpcs = {}
    $default_ec2_vpc_subnets = {}
    $default_ec2_vpc_routetables = {}
    $default_ec2_vpc_internet_gateways = {}
  }
  # Merge user-supplied and default resources. Hash '+' keeps the right-hand
  # value on duplicate keys, so a default entry replaces a user-supplied
  # entry with the same title (the whole entry, not key by key).
  # NOTE(review): confirm that defaults winning over user data is intended.
  $all_ec2_vpcs = $ec2_vpcs+$default_ec2_vpcs
  $all_ec2_vpc_subnets = $ec2_vpc_subnets+$default_ec2_vpc_subnets
  $all_ec2_vpc_routetables = $ec2_vpc_routetables+$default_ec2_vpc_routetables
  $all_ec2_vpc_internet_gateways = $ec2_vpc_internet_gateways+$default_ec2_vpc_internet_gateways

  # VPC
  # Parameters applied to every VPC entry that does not set them itself.
  $ec2_vpcs_defaults = {
    ensure                  => $ensure,
    region                  => $region,
  }
  if $all_ec2_vpcs != { } {
    create_resources('Ec2_vpc',$all_ec2_vpcs,$ec2_vpcs_defaults)
  }

  # Subnets
  # Unless an entry overrides them: subnets belong to the default VPC, sit in
  # zone "a", use the route table named after the VPC, and do not map a
  # public IP on launch (map_public_ip_on_launch => false).
  $ec2_vpc_subnets_defaults = {
    ensure                  => $ensure,
    region                  => $region,
    vpc                     => $default_vpc_name,
    availability_zone       => "${region}a",
    map_public_ip_on_launch => false,
    route_table             => $default_vpc_name,
  }
  if $all_ec2_vpc_subnets != { } {
    create_resources('ec2_vpc_subnet',$all_ec2_vpc_subnets,$ec2_vpc_subnets_defaults)
  }


  # Internet gateways
  # Attached to the default VPC unless an entry names another one.
  $ec2_vpc_internet_gateways_defaults = {
    ensure     => $ensure,
    region     => $region,
    vpc        => $default_vpc_name,
  }
  if $all_ec2_vpc_internet_gateways != { } {
    create_resources('ec2_vpc_internet_gateway',$all_ec2_vpc_internet_gateways,$ec2_vpc_internet_gateways_defaults)
  }


  # Route tables
  # Created in the default VPC unless an entry names another one.
  $ec2_vpc_routetables_defaults = {
    ensure     => $ensure,
    region     => $region,
    vpc        => $default_vpc_name,
  }
  if $all_ec2_vpc_routetables != { } {
    create_resources('ec2_vpc_routetable',$all_ec2_vpc_routetables,$ec2_vpc_routetables_defaults)
  }

}