bastion-instance.yml
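---
# Provisions the Vprofile bastion (jump) host from the control machine:
#   1. loads variables from vars/bastion_setup and vars/output_vars,
#   2. creates the EC2 key pair "vprofile-key" and stores its private key locally,
#   3. creates the bastion security group (SSH in from MYIP only),
#   4. launches exactly one tagged bastion instance in the public subnet.
- name: Setup Vprofile Bastion Host
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Import Vpc Variables
      include_vars: vars/bastion_setup

    - name: Import Vpc setup Variables
      include_vars: vars/output_vars

    # The module returns the private key only when it creates the key pair,
    # so the registered result carries secret material on the first run.
    # no_log keeps that result out of console output and logs; key_out is
    # still available to the tasks below.
    - name: create a new ec2 key pair, returns generated private key
      ec2_key:
        name: vprofile-key
        region: "{{ region }}"
      register: key_out
      no_log: true

    # Written only when the key pair was just created (key_out.changed);
    # on later runs the private key is no longer returned.
    # The file lands in the current working directory: keep bastion-key.pem
    # out of version control and off shared paths.
    - name: Save private key into file bastion-key.pem
      copy:
        content: "{{ key_out.key.private_key }}"
        dest: "./bastion-key.pem"
        # Quoted so the mode is always read as the octal string 0600
        # (owner read/write only), independent of the YAML parser's
        # integer handling.
        mode: "0600"
      when: key_out.changed
      # Keeps the key content out of task output and --diff rendering.
      no_log: true

    - name: Create sec group for bastion host
      ec2_group:
        name: Bastion-Host-sg
        # NOTE(review): the description says "from everywhere" and "all port
        # within sg", but the only rule below admits TCP/22 from MYIP and
        # there is no intra-group rule. AWS does not allow a security
        # group's description to be edited after creation, so the text is
        # left unchanged here; correct it when the group is next recreated.
        description: allow port 22 from everywhere and all port within sg
        region: "{{ region }}"
        vpc_id: "{{ vpcid }}"
        rules:
          - proto: tcp
            from_port: 22
            to_port: 22
            # Presumably defined in one of the included vars files as the
            # operator's address in CIDR form; confirm it is a single
            # host (/32) and not a wide range such as 0.0.0.0/0.
            cidr_ip: "{{ MYIP }}"
      register: BastionSG_out

    # exact_count + count_tag make this idempotent: the module keeps exactly
    # one instance carrying the three tags below instead of launching a new
    # one on every run.
    - name: creating bastion host
      ec2:
        key_name: vprofile-key
        region: "{{ region }}"
        instance_type: t2.micro
        image: "{{ bastion_ami }}"
        wait: true
        wait_timeout: 300
        instance_tags:
          Name: "Bastion_host"
          Project: Vprofile
          Owner: Devops Team
        exact_count: 1
        count_tag:
          Name: "Bastion_host"
          Project: Vprofile
          Owner: Devops Team
        # Only the bastion security group created above is attached.
        group_id: "{{ BastionSG_out.group_id }}"
        vpc_subnet_id: "{{ pubsub1id }}"
      register: bastionHost_out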