salt.states.boto_vpc

Manage VPCs

New in version Beryllium.

Create and destroy VPCs. Be aware that this interacts with Amazon's services, and so may incur charges.

This module uses boto, which can be installed via package, or pip.

This module accepts explicit vpc credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:

vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It's also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
        region: us-east-1
Ensure VPC exists:
    boto_vpc.present:
        - name: myvpc
        - cidr_block: 10.10.11.0/24
        - dns_hostnames: True
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

Ensure subnet exists:
    boto_vpc.subnet_present:
        - name: mysubnet
        - vpc_id: vpc-123456
        - cidr_block: 10.0.0.0/16
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

Ensure internet gateway exists:
    boto_vpc.internet_gateway_present:
        - name: myigw
        - vpc_name: myvpc
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

Ensure route table exists:
    boto_vpc.route_table_present:
        - name: my_route_table
        - vpc_id: vpc-123456
        - routes:
          - destination_cidr_block: 0.0.0.0/0
            instance_id: i-123456
            interface_id: eni-123456
        - subnets:
          - name: subnet1
          - name: subnet2
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
salt.states.boto_vpc.absent(name, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure VPC with passed properties is absent.

name
Name of the VPC.
tags
A list of tags. All tags must match.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.internet_gateway_absent(name, detach=False, region=None, key=None, keyid=None, profile=None)

Ensure the named internet gateway is absent.

name
Name of the internet gateway.
detach
First detach the internet gateway from a VPC, if attached.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.internet_gateway_present(name, vpc_name=None, vpc_id=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure an internet gateway exists.

name
Name of the internet gateway.
vpc_name
Name of the VPC to which the internet gateway should be attached.
vpc_id
Id of the VPC to which the internet_gateway should be attached. Only one of vpc_name or vpc_id may be provided.
tags
A list of tags.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.present(name, cidr_block, instance_tenancy=None, dns_support=None, dns_hostnames=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure VPC exists.

name
Name of the VPC.
cidr_block
The range of IPs in CIDR format, for example: 10.0.0.0/24. Block size must be between /16 and /28 netmask.
instance_tenancy
Instances launched in this VPC will be ingle-tenant or dedicated hardware.
dns_support
Indicates whether the DNS resolution is supported for the VPC.
dns_hostnames
Indicates whether the instances launched in the VPC get DNS hostnames.
tags
A list of tags.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.route_table_absent(name, region=None, key=None, keyid=None, profile=None)

Ensure the named route table is absent.

name
Name of the route table.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.route_table_present(name, vpc_name=None, vpc_id=None, routes=None, subnet_ids=None, subnet_names=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure route table with routes exists and is associated to a VPC.

Example:

.. code-block:: yaml
boto_vpc.route_table_present:
  • name: my_route_table

  • vpc_id: vpc-123456

  • routes: - destination_cidr_block: 0.0.0.0/0

    instance_id: i-123456 interface_id: eni-123456

  • subnet_names: - subnet1 - subnet2

name
Name of the route table.
vpc_name
Name of the VPC with which the route table should be associated.
vpc_id
Id of the VPC with which the route table should be associated. Either vpc_name or vpc_id must be provided.
routes
A list of routes.
subnet_ids
A list of subnet ids to associate
subnet_names
A list of subnet names to associate
tags
A list of tags.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.subnet_absent(name=None, subnet_id=None, region=None, key=None, keyid=None, profile=None)

Ensure subnet with passed properties is absent.

name
Name of the subnet.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_vpc.subnet_present(name, cidr_block, vpc_name=None, vpc_id=None, availability_zone=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure a subnet exists.

name
Name of the subnet.
cidr_block
The range if IPs for the subnet, in CIDR format. For example: 10.0.0.0/24. Block size must be between /16 and /28 netmask.
vpc_name
Name of the VPC in which the subnet should be placed. Either vpc_name or vpc_id must be provided.
vpc_id
Id of the VPC in which the subnet should be placed. Either vpc_name or vpc_id must be provided.
availability_zone
AZ in which the subnet should be placed.
tags
A list of tags.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.