New in version Beryllium.
Create and destroy VPCs. Be aware that this interacts with Amazon's services, and so may incur charges.
This module uses boto
, which can be installed via package, or pip.
This module accepts explicit vpc credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.
If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:
vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
It's also possible to specify key
, keyid
and region
via a profile,
either passed in as a dict, or as a string to pull from pillars or minion
config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
Ensure VPC exists:
boto_vpc.present:
- name: myvpc
- cidr_block: 10.10.11.0/24
- dns_hostnames: True
- region: us-east-1
- keyid: GKTADJGHEIQSXMKKRBJ08H
- key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
Ensure subnet exists:
boto_vpc.subnet_present:
- name: mysubnet
- vpc_id: vpc-123456
- cidr_block: 10.0.0.0/16
- region: us-east-1
- keyid: GKTADJGHEIQSXMKKRBJ08H
- key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
Ensure internet gateway exists:
boto_vpc.internet_gateway_present:
- name: myigw
- vpc_name: myvpc
- region: us-east-1
- keyid: GKTADJGHEIQSXMKKRBJ08H
- key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
Ensure route table exists:
boto_vpc.route_table_present:
- name: my_route_table
- vpc_id: vpc-123456
- routes:
- destination_cidr_block: 0.0.0.0/0
instance_id: i-123456
interface_id: eni-123456
- subnets:
- name: subnet1
- name: subnet2
- region: us-east-1
- keyid: GKTADJGHEIQSXMKKRBJ08H
- key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
salt.states.boto_vpc.
absent
(name, tags=None, region=None, key=None, keyid=None, profile=None)¶Ensure VPC with passed properties is absent.
salt.states.boto_vpc.
internet_gateway_absent
(name, detach=False, region=None, key=None, keyid=None, profile=None)¶Ensure the named internet gateway is absent.
salt.states.boto_vpc.
internet_gateway_present
(name, vpc_name=None, vpc_id=None, tags=None, region=None, key=None, keyid=None, profile=None)¶Ensure an internet gateway exists.
salt.states.boto_vpc.
present
(name, cidr_block, instance_tenancy=None, dns_support=None, dns_hostnames=None, tags=None, region=None, key=None, keyid=None, profile=None)¶Ensure VPC exists.
salt.states.boto_vpc.
route_table_absent
(name, region=None, key=None, keyid=None, profile=None)¶Ensure the named route table is absent.
salt.states.boto_vpc.
route_table_present
(name, vpc_name=None, vpc_id=None, routes=None, subnet_ids=None, subnet_names=None, tags=None, region=None, key=None, keyid=None, profile=None)¶Ensure route table with routes exists and is associated to a VPC.
Example:
.. code-block:: yaml
- boto_vpc.route_table_present:
name: my_route_table
vpc_id: vpc-123456
routes: - destination_cidr_block: 0.0.0.0/0
instance_id: i-123456 interface_id: eni-123456
subnet_names: - subnet1 - subnet2
salt.states.boto_vpc.
subnet_absent
(name=None, subnet_id=None, region=None, key=None, keyid=None, profile=None)¶Ensure subnet with passed properties is absent.
salt.states.boto_vpc.
subnet_present
(name, cidr_block, vpc_name=None, vpc_id=None, availability_zone=None, tags=None, region=None, key=None, keyid=None, profile=None)¶Ensure a subnet exists.