Puppet Class: psick::aws::puppet::vpc
- Defined in:
- manifests/aws/puppet/vpc.pp
Overview
Set up a VPC
# File 'manifests/aws/puppet/vpc.pp', line 2
# Declares AWS VPC networking resources (ec2_vpc, ec2_vpc_subnet,
# ec2_vpc_routetable, ec2_vpc_internet_gateway) from hashes, optionally adding
# a built-in default layout: one /16 VPC, an internet gateway, a public route
# table and six /24 subnets (dmz, rds, mgmt across zones "a" and "b").
#
# Security scope: this class declares no security groups or network ACLs, so
# traffic filtering for the subnets it creates has to be enforced elsewhere.
#
# @param region AWS region set on every resource; also used as the prefix of
#   the availability zone names ("${region}a", "${region}b").
# @param ensure Default ensure value for the declared resources. When set to
#   'absent' an ordering chain between the resource types is added as well.
# @param default_cidr_block_prefix String placed in front of ".0.0/16" and
#   ".N.0/24" to build the default CIDR blocks, so it is expected to hold the
#   first two octets of the network.
# @param default_vpc_name Title of the default VPC, prefix of the default
#   resource titles, and default 'vpc' of subnets, gateways and route tables.
# @param create_defaults Whether the built-in default layout is added.
# @param ec2_vpcs Hash of ec2_vpc resources passed to create_resources.
# @param ec2_vpc_subnets Hash of ec2_vpc_subnet resources.
# @param ec2_vpc_routetables Hash of ec2_vpc_routetable resources.
# @param ec2_vpc_internet_gateways Hash of ec2_vpc_internet_gateway resources.
# @param manage When false the class declares nothing.
# @param noop_manage When true, noop() is called with $noop_value.
# @param noop_value Argument handed to noop().
class psick::aws::puppet::vpc (
String $region = $psick::aws::region,
String $ensure = 'present',
String $default_cidr_block_prefix = $psick::aws::default_cidr_block_prefix,
String $default_vpc_name = $psick::aws::default_vpc_name,
Boolean $create_defaults = $psick::aws::create_defaults,
Hash $ec2_vpcs = {},
Hash $ec2_vpc_subnets = {},
Hash $ec2_vpc_routetables = {},
Hash $ec2_vpc_internet_gateways = {},
Boolean $manage = $psick::manage,
Boolean $noop_manage = $psick::noop_manage,
Boolean $noop_value = $psick::noop_value,
) {
if $manage {
if $noop_manage {
# noop() is not defined in this file; presumably it switches this class's
# resources to noop mode -- confirm against the psick module.
noop($noop_value)
}
if $ensure == 'absent' {
# Removal order: route tables, then internet gateways, then subnets, and the
# default VPC last. The collectors are untagged (hence the lint override), so
# they match every resource of these types in the catalog, including ones
# declared outside this class.
#lint:ignore:spaceship_operator_without_tag
Ec2_vpc_routetable<||>
-> Ec2_vpc_internet_gateway<||>
-> Ec2_vpc_subnet<||>
-> Ec2_vpc<|name == $default_vpc_name|>
# Ec2_vpc<||>
#lint:endignore
}
# Default resources, if enabled
if $create_defaults {
# NOTE(review): ensure is hard-coded to 'present' here. An explicit attribute
# wins over the create_resources defaults, so with $ensure = 'absent' the
# default VPC stays while its gateway, route table and subnets are removed.
# Confirm that keeping the VPC is intended.
$default_ec2_vpcs = {
$default_vpc_name => {
ensure => 'present',
region => $region,
cidr_block => "${default_cidr_block_prefix}.0.0/16",
},
}
$default_ec2_vpc_internet_gateways = {
"${default_vpc_name}-igw" => {
ensure => $ensure,
region => $region,
vpc => $default_vpc_name,
},
}
# Public route table: everything outside the VPC's /16 is routed to the
# internet gateway, so any subnet attached to this table is internet-routable.
$default_ec2_vpc_routetables = {
"${default_vpc_name}-public" => {
ensure => $ensure,
region => $region,
vpc => $default_vpc_name,
routes => [
{
destination_cidr_block => '0.0.0.0/0',
gateway => "${default_vpc_name}-igw",
},
{
destination_cidr_block => "${default_cidr_block_prefix}.0.0/16",
gateway => 'local'
},
],
},
}
# Only the two dmz subnets name the public route table. The rds and mgmt
# subnets set no route_table and therefore take the value from
# $ec2_vpc_subnets_defaults below.
$default_ec2_vpc_subnets = {
"${default_vpc_name}_dmz_a" => {
cidr_block => "${default_cidr_block_prefix}.1.0/24",
availability_zone => "${region}a",
route_table => "${default_vpc_name}-public",
},
"${default_vpc_name}_dmz_b" => {
cidr_block => "${default_cidr_block_prefix}.2.0/24",
availability_zone => "${region}b",
route_table => "${default_vpc_name}-public",
},
"${default_vpc_name}_rds_a" => {
cidr_block => "${default_cidr_block_prefix}.41.0/24",
availability_zone => "${region}a",
},
"${default_vpc_name}_rds_b" => {
cidr_block => "${default_cidr_block_prefix}.42.0/24",
availability_zone => "${region}b",
},
"${default_vpc_name}_mgmt_a" => {
cidr_block => "${default_cidr_block_prefix}.11.0/24",
availability_zone => "${region}a",
},
"${default_vpc_name}_mgmt_b" => {
cidr_block => "${default_cidr_block_prefix}.12.0/24",
availability_zone => "${region}b",
},
}
} else {
$default_ec2_vpcs = {}
$default_ec2_vpc_subnets = {}
$default_ec2_vpc_routetables = {}
$default_ec2_vpc_internet_gateways = {}
}
# Merge caller-supplied and built-in entries. With '+' on hashes the right-hand
# operand wins on duplicate keys, so a built-in entry replaces a caller entry
# that has the same title.
# NOTE(review): confirm that this precedence is intended; a caller cannot
# override a default resource by reusing its title.
$all_ec2_vpcs = $ec2_vpcs+$default_ec2_vpcs
$all_ec2_vpc_subnets = $ec2_vpc_subnets+$default_ec2_vpc_subnets
$all_ec2_vpc_routetables = $ec2_vpc_routetables+$default_ec2_vpc_routetables
$all_ec2_vpc_internet_gateways = $ec2_vpc_internet_gateways+$default_ec2_vpc_internet_gateways
# VPC
$ec2_vpcs_defaults = {
ensure => $ensure,
region => $region,
}
# Each resource type is declared only when its merged hash is not empty.
if $all_ec2_vpcs != {} {
create_resources('Ec2_vpc',$all_ec2_vpcs,$ec2_vpcs_defaults)
}
# Subnets
# Subnets do not assign public IPs on launch unless an entry overrides
# map_public_ip_on_launch.
# NOTE(review): the default route_table is the bare VPC name, but the built-in
# defaults only declare "${default_vpc_name}-public"; presumably this refers to
# the VPC's main route table -- confirm it resolves for the rds/mgmt subnets.
$ec2_vpc_subnets_defaults = {
ensure => $ensure,
region => $region,
vpc => $default_vpc_name,
availability_zone => "${region}a",
map_public_ip_on_launch => false,
route_table => $default_vpc_name,
}
if $all_ec2_vpc_subnets != {} {
create_resources('ec2_vpc_subnet',$all_ec2_vpc_subnets,$ec2_vpc_subnets_defaults)
}
# Internet gateways
$ec2_vpc_internet_gateways_defaults = {
ensure => $ensure,
region => $region,
vpc => $default_vpc_name,
}
if $all_ec2_vpc_internet_gateways != {} {
create_resources('ec2_vpc_internet_gateway',$all_ec2_vpc_internet_gateways,$ec2_vpc_internet_gateways_defaults)
}
# Route tables
$ec2_vpc_routetables_defaults = {
ensure => $ensure,
region => $region,
vpc => $default_vpc_name,
}
if $all_ec2_vpc_routetables != {} {
create_resources('ec2_vpc_routetable',$all_ec2_vpc_routetables,$ec2_vpc_routetables_defaults)
}
}
}