| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- ---
- - name: Validate role inputs
- fail:
- msg: Please ensure to pass the correct variables
- when:
- - r_openshift_aws_sg_region is undefined
- - r_openshift_aws_sg_region is undefined
- - name: Fetch the VPC for vpc.id
- ec2_vpc_net_facts:
- region: "{{ r_openshift_aws_sg_region }}"
- filters:
- "tag:Name": "{{ r_openshift_aws_sg_clusterid }}"
- register: vpcout
- - name: Create default security group for cluster
- ec2_group:
- name: "{{ r_openshift_aws_sg_sg.default.name }}"
- description: "{{ r_openshift_aws_sg_sg.default.desc }}"
- region: "{{ r_openshift_aws_sg_region }}"
- vpc_id: "{{ vpcout.vpcs[0].id }}"
- rules: "{{ r_openshift_aws_sg_sg.default.rules | default(omit, True)}}"
- register: sg_default_created
- - name: create the node group sgs
- ec2_group:
- name: "{{ item.name}}"
- description: "{{ item.desc }}"
- rules: "{{ item.rules if 'rules' in item else [] }}"
- region: "{{ r_openshift_aws_sg_region }}"
- vpc_id: "{{ vpcout.vpcs[0].id }}"
- register: sg_create
- with_items:
- - "{{ r_openshift_aws_sg_sg[r_openshift_aws_sg_type]}}"
- - name: create the k8s sgs for the node group
- ec2_group:
- name: "{{ item.name }}_k8s"
- description: "{{ item.desc }} for k8s"
- region: "{{ r_openshift_aws_sg_region }}"
- vpc_id: "{{ vpcout.vpcs[0].id }}"
- register: k8s_sg_create
- with_items:
- - "{{ r_openshift_aws_sg_sg[r_openshift_aws_sg_type] }}"
- - name: tag sg groups with proper tags
- ec2_tag:
- tags:
- KubernetesCluster: "{{ r_openshift_aws_sg_clusterid }}"
- resource: "{{ item.group_id }}"
- region: "{{ r_openshift_aws_sg_region }}"
- with_items: "{{ k8s_sg_create.results }}"
|
