diff --git a/roles/manage_vpc_peering/README.md b/roles/manage_vpc_peering/README.md index 3b94e673..c7c91d85 100644 --- a/roles/manage_vpc_peering/README.md +++ b/roles/manage_vpc_peering/README.md @@ -4,21 +4,21 @@ A role to create, delete and accept existing VPC peering connections. ## Specify following values in role vars -- region - Region of the requester VPC. +- manage_vpc_peering_region - Region of the requester VPC. -- requester_vpc - ID of the VPC requesting the peering connection. +- manage_vpc_peering_requeter_vpc - ID of the VPC requesting the peering connection. -- accepter_vpc - ID of the VPC accepting the peering connection. +- manage_vpc_peering_accepter_vpc - ID of the VPC accepting the peering connection. -- accepter_vpc_region - Region of the accepter VPC (Required if requester and accepter VPCs are in different regions or performing cross-account peering.) +- manage_vpc_peering_accepter_vpc_region - Region of the accepter VPC (Required if requester and accepter VPCs are in different regions or performing cross-account peering.) -- accepter_vpc_account_id - The AWS account ID of accepter VPC account for cross-account peering. +- manage_vpc_peering_accepter_vpc_account_id - The AWS account ID of accepter VPC account for cross-account peering. -- accepter_account_profile - A Named AWS profile of accepter VPC account for cross-account peering. +- manage_vpc_peering_accepter_account_profile - A Named AWS profile of accepter VPC account for cross-account peering. -- vpc_peering_operation - Choices include 'create', 'delete', and 'accept'. +- manage_vpc_peering_operation - Choices include 'create', 'delete', and 'accept'. -- vpc_peering_conn_id - ID of the VPC peering connection request (only provide to delete a VPC peering connection). +- manage_vpc_peering_vpc_peering_conn_id - ID of the VPC peering connection request (only provide to delete a VPC peering connection). Return Value ------------ 
@@ -41,9 +41,9 @@ Dependencies name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - requester_vpc: vpc-12345 - accepter_vpc: vpc-98765 - vpc_peering_operation: create + manage_vpc_peering_requeter_vpc: vpc-12345 + manage_vpc_peering_accepter_vpc: vpc-98765 + manage_vpc_peering_operation: create - name: Set variable for peering connection ID for above task ansible.builtin.set_fact: 
@@ -54,48 +54,48 @@ Dependencies name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - requester_vpc: vpc-12345 - accepter_vpc: vpc-98765 - accepter_vpc_region: ap-northeast-3 - vpc_peering_operation: create + manage_vpc_peering_requeter_vpc: vpc-12345 + manage_vpc_peering_accepter_vpc: vpc-98765 + manage_vpc_peering_accepter_vpc_region: ap-northeast-3 + manage_vpc_peering_operation: create - name: Peer VPCs in different accounts and different region (cross-account) ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - requester_vpc: vpc-12345 - accepter_vpc: vpc-98765 - accepter_vpc_region: ap-northeast-3 - accepter_vpc_account_id: 1234567890 - accepter_account_profile: my-account-profile - vpc_peering_operation: create + manage_vpc_peering_requeter_vpc: vpc-12345 + manage_vpc_peering_accepter_vpc: vpc-98765 + manage_vpc_peering_accepter_vpc_region: ap-northeast-3 + manage_vpc_peering_accepter_vpc_account_id: 1234567890 + manage_vpc_peering_accepter_account_profile: my-account-profile + manage_vpc_peering_operation: create - name: Delete VPC peering request ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - vpc_peering_conn_id: pcx-1234567890 - vpc_peering_operation: delete + manage_vpc_peering_vpc_peering_conn_id: pcx-1234567890 + manage_vpc_peering_operation: delete - name: Accept existing VPC peering request (local account) ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - vpc_peering_conn_id: pcx-1234567890 - vpc_peering_operation: accept + manage_vpc_peering_vpc_peering_conn_id: pcx-1234567890 + manage_vpc_peering_operation: accept - name: Accept existing VPC peering request (another account) ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: region: us-west-1 - vpc_peering_conn_id: pcx-1234567890 - vpc_peering_operation: accept - accepter_vpc_account_id: 1234567890 - accepter_account_profile: 
my-account-profile + manage_vpc_peering_vpc_peering_conn_id: pcx-1234567890 + manage_vpc_peering_operation: accept + manage_vpc_peering_accepter_vpc_account_id: 1234567890 + manage_vpc_peering_accepter_account_profile: my-account-profile ``` License diff --git a/roles/manage_vpc_peering/tasks/accept.yaml b/roles/manage_vpc_peering/tasks/accept.yaml index 9e34b0ef..ef8fd0be 100644 --- a/roles/manage_vpc_peering/tasks/accept.yaml +++ b/roles/manage_vpc_peering/tasks/accept.yaml @@ -2,16 +2,16 @@ - name: Fail when required parameters are not provided ansible.builtin.fail: msg: Please provide required parameters to create VPC peering (refer documentation for more information) - when: region is not defined or vpc_peering_conn_id is not defined + when: manage_vpc_peering_region is not defined or manage_vpc_peering_vpc_peering_conn_id is not defined - name: Accept VPC peering connection request block: - name: Ensure VPC peering connection request exists before moving forward community.aws.ec2_vpc_peering_info: peer_connection_ids: - - "{{ vpc_peering_conn_id }}" - region: "{{ region }}" - profile: "{{ accepter_account_profile | default(omit) }}" + - "{{ manage_vpc_peering_vpc_peering_conn_id }}" + region: "{{ manage_vpc_peering_region }}" + profile: "{{ manage_vpc_peering_accepter_account_profile | default(omit) }}" register: manage_vpc_peering_peering_info retries: 3 delay: 5 @@ -19,9 +19,9 @@ - name: Accept VPC peering request community.aws.ec2_vpc_peer: - region: "{{ region }}" - peering_id: "{{ vpc_peering_conn_id }}" - peer_owner_id: "{{ accepter_vpc_account_id | default(omit) }}" - profile: "{{ accepter_account_profile | default(omit) }}" + region: "{{ manage_vpc_peering_region }}" + peering_id: "{{ manage_vpc_peering_vpc_peering_conn_id }}" + peer_owner_id: "{{ manage_vpc_peering_accepter_vpc_account_id | default(omit) }}" + profile: "{{ manage_vpc_peering_accepter_account_profile | default(omit) }}" state: accept register: manage_vpc_peering_accept_peering_request 
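Review bot: The accept path in `accept.yaml` accepts whatever `manage_vpc_peering_vpc_peering_conn_id` it is given: the info task looks the request up by ID only, and nothing visible in these two hunks compares its requester account or VPC with an expected value before `state: accept` runs. Line 18 of the file sits between the hunks and is not shown, so an `until` condition there may already cover part of this. Accepting a request opens a network path to another VPC, so consider an `ansible.builtin.assert` on the requester fields of `manage_vpc_peering_peering_info` (for example `requester_vpc_info.owner_id`, to be confirmed against the module's return values) ahead of the accept task. Separately, the `fail` message in this file still says "to create VPC peering"; it should read `msg: Please provide required parameters to accept VPC peering (refer documentation for more information)`.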
diff --git a/roles/manage_vpc_peering/tasks/create.yaml b/roles/manage_vpc_peering/tasks/create.yaml index 059d2fab..7968b80f 100644 --- a/roles/manage_vpc_peering/tasks/create.yaml +++ b/roles/manage_vpc_peering/tasks/create.yaml @@ -2,17 +2,17 @@ - name: Fail when required parameters are not provided ansible.builtin.fail: msg: Please provide required parameters to create VPC peering (refer documentation for more information) - when: region is not defined or requester_vpc is not defined or accepter_vpc is not defined + when: manage_vpc_peering_region is not defined or manage_vpc_peering_requeter_vpc is not defined or manage_vpc_peering_accepter_vpc is not defined - name: Create VPC peering block: - name: Create VPC peering request community.aws.ec2_vpc_peer: - region: "{{ region }}" - peer_region: "{{ accepter_vpc_region | default(region, true) }}" - vpc_id: "{{ requester_vpc }}" - peer_vpc_id: "{{ accepter_vpc }}" - peer_owner_id: "{{ accepter_vpc_account_id | default(omit) }}" + region: "{{ manage_vpc_peering_region }}" + peer_region: "{{ manage_vpc_peering_accepter_vpc_region | default(manage_vpc_peering_region, true) }}" + vpc_id: "{{ manage_vpc_peering_requeter_vpc }}" + peer_vpc_id: "{{ manage_vpc_peering_accepter_vpc }}" + peer_owner_id: "{{ manage_vpc_peering_accepter_vpc_account_id | default(omit) }}" state: present register: manage_vpc_peering_vpc_peering_request @@ -20,8 +20,8 @@ community.aws.ec2_vpc_peering_info: peer_connection_ids: - "{{ manage_vpc_peering_vpc_peering_request.peering_id }}" - region: "{{ accepter_vpc_region | default(region, true) }}" - profile: "{{ accepter_account_profile | default(omit) }}" + region: "{{ manage_vpc_peering_accepter_vpc_region | default(manage_vpc_peering_region, true) }}" + profile: "{{ manage_vpc_peering_accepter_account_profile | default(omit) }}" register: manage_vpc_peering_peering_info retries: 3 delay: 5 
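Review bot: The new role variable is spelled `manage_vpc_peering_requeter_vpc` (missing the "s" in "requester") in the `when` guard and in `vpc_id` of the first `create.yaml` hunk, and the same spelling appears in the README and the integration tests, so the typo becomes part of the role's public interface. Rename it to `manage_vpc_peering_requester_vpc` everywhere before this ships. The test-local names `vpc_peering_manage_vpc_peering_requeter_vpc_id` and `vpc_peering_manage_vpc_peering_accepter_vpc_id` look like an over-eager search-and-replace of `vpc_peering_requester_vpc_id` / `vpc_peering_accepter_vpc_id` and could keep their original names. The README examples also still pass `region: us-west-1`, which the renamed guard `manage_vpc_peering_region is not defined` will now reject.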
@@ -33,10 +33,10 @@ - name: Accept VPC peering request community.aws.ec2_vpc_peer: - region: "{{ accepter_vpc_region | default(region, true) }}" + region: "{{ manage_vpc_peering_accepter_vpc_region | default(manage_vpc_peering_region, true) }}" peering_id: "{{ manage_vpc_peering_vpc_peering_request.peering_id }}" - peer_owner_id: "{{ accepter_vpc_account_id | default(omit) }}" - profile: "{{ accepter_account_profile | default(omit) }}" + peer_owner_id: "{{ manage_vpc_peering_accepter_vpc_account_id | default(omit) }}" + profile: "{{ manage_vpc_peering_accepter_account_profile | default(omit) }}" state: accept register: manage_vpc_peering_accept_peering_request diff --git a/roles/manage_vpc_peering/tasks/delete.yaml b/roles/manage_vpc_peering/tasks/delete.yaml index 86ff1f42..6856e02f 100644 --- a/roles/manage_vpc_peering/tasks/delete.yaml +++ b/roles/manage_vpc_peering/tasks/delete.yaml @@ -2,14 +2,14 @@ - name: Fail when required parameters are not provided ansible.builtin.fail: msg: Please provide required parameters to delete VPC peering (refer documentation for more information) - when: region is not defined or vpc_peering_conn_id is not defined + when: manage_vpc_peering_region is not defined or manage_vpc_peering_vpc_peering_conn_id is not defined - name: Delete vpc peering connection request block: - name: Delete a local VPC peering connection community.aws.ec2_vpc_peer: - region: "{{ region }}" - peering_id: "{{ vpc_peering_conn_id }}" + region: "{{ manage_vpc_peering_region }}" + peering_id: "{{ manage_vpc_peering_vpc_peering_conn_id }}" state: absent register: manage_vpc_peering_vpc_peer diff --git a/roles/manage_vpc_peering/tasks/main.yaml b/roles/manage_vpc_peering/tasks/main.yaml index fcf379dc..da43d1b3 100644 --- a/roles/manage_vpc_peering/tasks/main.yaml +++ b/roles/manage_vpc_peering/tasks/main.yaml 
@@ -5,4 +5,4 @@ block: - name: Include file - ansible.builtin.include_tasks: "{{ vpc_peering_operation }}.yaml" + ansible.builtin.include_tasks: "{{ manage_vpc_peering_operation }}.yaml" diff --git a/tests/integration/targets/test_manage_vpc_peering/tasks/create_delete_accept_peering.yml b/tests/integration/targets/test_manage_vpc_peering/tasks/create_delete_accept_peering.yml index aeae076d..ad7ea342 100644 --- a/tests/integration/targets/test_manage_vpc_peering/tasks/create_delete_accept_peering.yml +++ b/tests/integration/targets/test_manage_vpc_peering/tasks/create_delete_accept_peering.yml @@ -4,10 +4,10 @@ ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: - requester_vpc: "{{ vpc_peering_requester_vpc_id }}" - accepter_vpc: "{{ vpc_peering_accepter_vpc_id }}" - region: "{{ vpc_peering_accepter_region }}" - vpc_peering_operation: create + manage_vpc_peering_requeter_vpc: "{{ vpc_peering_manage_vpc_peering_requeter_vpc_id }}" + manage_vpc_peering_accepter_vpc: "{{ vpc_peering_manage_vpc_peering_accepter_vpc_id }}" + manage_vpc_peering_region: "{{ vpc_peering_accepter_region }}" + manage_vpc_peering_operation: create - name: Validate that VPC Peering was created and is active ansible.builtin.include_tasks: validate.yml @@ -17,9 +17,9 @@ ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: - region: "{{ vpc_peering_accepter_region }}" - vpc_peering_conn_id: "{{ manage_vpc_peering_req_id }}" - vpc_peering_operation: delete + manage_vpc_peering_region: "{{ vpc_peering_accepter_region }}" + manage_vpc_peering_vpc_peering_conn_id: "{{ manage_vpc_peering_req_id }}" + manage_vpc_peering_operation: delete - name: Validate that VPC Peering was deleted ansible.builtin.include_tasks: validate.yml 
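Review bot: `manage_vpc_peering_operation` is interpolated straight into the `include_tasks` path in `main.yaml`, so any value other than the three documented ones resolves to whatever `<value>.yaml` Ansible can locate, or fails with an unhelpful file-not-found error. The enclosing block starts above this hunk, so a check may already exist there. If it does not, constrain the value before the include, e.g. `when: manage_vpc_peering_operation in ['create', 'delete', 'accept']`, or use an `ansible.builtin.assert` with the same condition and a clear `fail_msg`. Declaring the variable with `choices` in the role's `meta/argument_specs.yml` would enforce the same allow-list at role entry.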
@@ -34,8 +34,8 @@ aws_security_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" peer_region: "{{ vpc_peering_accepter_region }}" - vpc_id: "{{ vpc_peering_requester_vpc_id }}" - peer_vpc_id: "{{ vpc_peering_accepter_vpc_id }}" + vpc_id: "{{ vpc_peering_manage_vpc_peering_requeter_vpc_id }}" + peer_vpc_id: "{{ vpc_peering_manage_vpc_peering_accepter_vpc_id }}" state: present register: __vpc_peering @@ -47,9 +47,9 @@ ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: - region: "{{ vpc_peering_accepter_region }}" - vpc_peering_conn_id: "{{ vpc_peering_id }}" - vpc_peering_operation: accept + manage_vpc_peering_region: "{{ vpc_peering_accepter_region }}" + manage_vpc_peering_vpc_peering_conn_id: "{{ vpc_peering_id }}" + manage_vpc_peering_operation: accept - name: Validate that VPC Peering has been accepted ansible.builtin.include_tasks: validate.yml @@ -58,6 +58,6 @@ ansible.builtin.include_role: name: cloud.aws_ops.manage_vpc_peering vars: - region: "{{ vpc_peering_accepter_region }}" - vpc_peering_conn_id: "{{ vpc_peering_id }}" - vpc_peering_operation: delete + manage_vpc_peering_region: "{{ vpc_peering_accepter_region }}" + manage_vpc_peering_vpc_peering_conn_id: "{{ vpc_peering_id }}" + manage_vpc_peering_operation: delete diff --git a/tests/integration/targets/test_manage_vpc_peering/tasks/main.yml b/tests/integration/targets/test_manage_vpc_peering/tasks/main.yml index 05da08ff..31e97104 100644 --- a/tests/integration/targets/test_manage_vpc_peering/tasks/main.yml +++ b/tests/integration/targets/test_manage_vpc_peering/tasks/main.yml 
@@ -15,8 +15,8 @@ - name: Test VPC Peering in the same region ansible.builtin.include_tasks: create_delete_accept_peering.yml vars: - vpc_peering_accepter_vpc_id: "{{ test_vpc_1.vpc.id }}" - vpc_peering_requester_vpc_id: "{{ test_vpc_2.vpc.id }}" + vpc_peering_manage_vpc_peering_accepter_vpc_id: "{{ test_vpc_1.vpc.id }}" + vpc_peering_manage_vpc_peering_requeter_vpc_id: "{{ test_vpc_2.vpc.id }}" vpc_peering_accepter_region: "{{ aws_region }}" # Disable: Tests for cross-region vpc peering skipped as CI permissions are restricted to us-east-1 only @@ -25,19 +25,19 @@ # ansible.builtin.include_role: # name: cloud.aws_ops.manage_vpc_peering # vars: - # region: "{{ aws_region }}" - # accepter_vpc_region: us-west-1 - # requester_vpc: "{{ test_vpc_1.vpc.id }}" - # accepter_vpc: "{{ us_west_1_vpc_1.vpc.id }}" - # vpc_peering_operation: create + # manage_vpc_peering_region: "{{ aws_region }}" + # manage_vpc_peering_accepter_vpc_region: us-west-1 + # manage_vpc_peering_requeter_vpc: "{{ test_vpc_1.vpc.id }}" + # manage_vpc_peering_accepter_vpc: "{{ us_west_1_vpc_1.vpc.id }}" + # manage_vpc_peering_operation: create # - name: Delete VPC peering connection req # ansible.builtin.include_role: # name: cloud.aws_ops.manage_vpc_peering # vars: - # region: "{{ aws_region }}" - # vpc_peering_conn_id: "{{ manage_vpc_peering_req_id }}" - # vpc_peering_operation: delete + # manage_vpc_peering_region: "{{ aws_region }}" + # manage_vpc_peering_vpc_peering_conn_id: "{{ manage_vpc_peering_req_id }}" + # manage_vpc_peering_operation: delete always: - name: Include 'teardown.yml' file diff --git a/tests/integration/targets/test_manage_vpc_peering/tasks/validate.yml b/tests/integration/targets/test_manage_vpc_peering/tasks/validate.yml index b7313052..24a54389 100644 --- a/tests/integration/targets/test_manage_vpc_peering/tasks/validate.yml +++ b/tests/integration/targets/test_manage_vpc_peering/tasks/validate.yml 
@@ -1,17 +1,17 @@ --- - name: Validate that VPC peering exist with status accepted module_defaults: - group/aws: "{{ aws_setup_credentials__output }}" + group/aws: "{{ aws_setup_credentials__output }}" block: - name: Check VPC peering community.aws.ec2_vpc_peering_info: filters: - requester-vpc-info.vpc-id: "{{ vpc_peering_requester_vpc_id }}" - accepter-vpc-info.vpc-id: "{{ vpc_peering_accepter_vpc_id }}" + requester-vpc-info.vpc-id: "{{ vpc_peering_manage_vpc_peering_requeter_vpc_id }}" + accepter-vpc-info.vpc-id: "{{ vpc_peering_manage_vpc_peering_accepter_vpc_id }}" status-code: "{{ vpc_peering_status | default('active') }}" register: __vpc_peering - name: Validate that VPC peering was found as expected ansible.builtin.assert: that: - - __vpc_peering.result | length == 1 \ No newline at end of file + - __vpc_peering.result | length == 1