
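# Register the local SSH public key as the EC2 key pair "vpn_key", which the
# instance-launch task selects through key_name.
- name: copy ssh public key
  amazon.aws.ec2_key:
    name: vpn_key
    # Key pairs are regional: use the same region as the other AWS tasks in
    # this file so the key exists where the instance is launched.
    region: "{{ aws_region }}"
    # Pass the variable straight to lookup(). Moustaches do not nest inside a
    # Jinja expression, so the quoted '{{ ... }}' form is not reliably
    # templated. ssh_pub_key_file should point at the public key only.
    key_material: "{{ lookup('file', ssh_pub_key_file) }}"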
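# Security group attached to the VPN instance. With the default CIDR every
# protocol and port (SSH included) is reachable from any address, so the
# host's own firewall, sshd and VPN configuration are the only access control.
- name: network security policy that allows all traffic incoming and outgoing
  amazon.aws.ec2_group:
    name: "vpn allow all"
    description: allow all traffic/protocol/ports
    region: "{{ aws_region }}"
    rules:
      # The ingress source can be narrowed by defining vpn_ingress_cidr.
      # Leaving it undefined keeps the original open-to-everyone rule.
      # NOTE(review): prefer separate rules limited to SSH and the VPN
      # listener port once that port is fixed for this deployment.
      - proto: all
        cidr_ip: "{{ vpn_ingress_cidr | default('0.0.0.0/0') }}"
      # Members of this same group may reach each other on every protocol.
      - proto: all
        group_name: "vpn allow all"
    rules_egress:
      # Outbound traffic is unrestricted.
      - proto: all
        cidr_ip: "0.0.0.0/0"
  # group_id from this result is passed to the instance-launch task.
  register: security_group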
# Launch the VPN instance from the configured AMI and instance type, attach
# the key pair and security group, and keep the result in "graviton".
- name: create graviton spot instance
  amazon.aws.ec2:
    region: "{{ aws_region }}"
    image: "{{ aws_ami }}"
    instance_type: "{{ aws_type }}"
    key_name: vpn_key
    group_id: "{{ security_group.group_id }}"
    # NOTE(review): no spot_price is set here. The legacy ec2 module appears
    # to place a spot request only when spot_price is given - confirm this
    # task does not launch an on-demand instance instead.
    spot_type: persistent
    spot_wait_timeout: 120
    # A shutdown issued from inside the guest terminates the instance rather
    # than leaving it stopped.
    instance_initiated_shutdown_behavior: terminate
    # Block until the instance is running so its addresses are in the result.
    wait: true
  register: graviton
# For every launched instance, wait until Ansible can connect to it via its
# public DNS name: first attempt after 60 s, give up after 320 s.
- name: Wait for SSH to come up
  wait_for_connection:
    delay: 60
    timeout: 320
  # Run the connection test against the new instance, not the current host.
  delegate_to: "{{ item.public_dns_name }}"
  loop: "{{ graviton.instances }}"
# Add each launched instance, by public IP, to the in-memory inventory group
# "launched".
- name: Add new instance to host group
  add_host:
    groupname: launched
    hostname: "{{ item.public_ip }}"
  loop: "{{ graviton.instances }}"
# Publish a CNAME "<dns_host_name>.<dns_zone_name>" pointing at each launched
# instance's public DNS name.
- name: generate route53 dns entry for the instance
  route53:
    zone: "{{ dns_zone_name }}"
    record: "{{ dns_host_name }}.{{ dns_zone_name }}"
    type: CNAME
    value: "{{ item.public_dns_name }}"
    # Short TTL so resolvers pick up a replacement instance quickly.
    ttl: 60
    command: create
    # An existing record with this name is replaced without prompting, so
    # dns_host_name must be a name this play owns.
    overwrite: true
  loop: "{{ graviton.instances }}"