Resource Type: vpc

Defined in:
lib/puppet/type/vpc.rb
Providers:
awscli

Overview

The vpc resource models a single AWS VPC in Puppet. Creating a new VPC also brings into existence the default route table and security_group, both tagged with the same name as the VPC.

Other networking components that combine to make up the VPC need to be declared as separate resources.

Examples:

Create a simple VPC

vpc {'example':
  region => 'us-east-1'
}

Destroy a VPC

vpc {'example':
  ensure => absent,
  region => 'us-east-1'
}

Typical VPC declaration

vpc {'typical_vpc':
  region        => 'eu-west-1',
  cidr          => '192.168.182.0/23',
  dns_hostnames => enabled,
  is_default    => enabled,
  tags          => {
    owner => 'Marketing',
    role  => 'Keeping the marketing department infrastructure seperate from the developers systems'
  }
}

JSON tags declaration

vpc {'complex':
  ensure         => present,
  region         => 'eu-west-1',
  cidr           => '10.0.1.0/26',
  dns_hostnames  => enabled,
  dns_resolution => enabled,
  is_default     => false,
  tags           => {
    roles => [
      'authenticator',
      'sessions'
    ],
    change_history => [
      {
         date    => '20170328',
         version => '1.4.1',
         notes   => 'patch for issue: EXAP-1043'
      },
      {
         date    => '20170326',
         version => '1.4.0',
         notes   => 'Release 1.4.0'
      }
    ]
  }
}

Properties

  • dns_hostnames (defaults to: disabled)

    Enabling dns_hostnames makes it possible to refer to specific EC2 instances by hostname, and for DNS to resolve that name. However, this does not solve the problem of identifying newly created instances: each one is created with a new name based on its IP address, so its DNS entry is only predictable if you already know its IP address.

    If you have a situation where this is useful, you can enable this VPC feature.

    Supported values:
    • enabled
    • disabled
  • dns_resolution (defaults to: enabled)

    Enabling dns_resolution ensures that local EC2 instances have a DNS server available on their local network, and that new instances are configured to use this DNS server for DNS lookups.

    Supported values:
    • enabled
    • disabled
  • ensure (defaults to: present)

    The basic property that the resource should be in.

    Supported values:
    • present
    • absent
  • tags

    The tags property is presented as a hash containing key / value pairs. Values can be strings, hashes or arrays. Hashes and arrays are stored in AWS as JSON strings.
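
    The encoding described for the tags property, as an added example that is not part of the vpc type's own code. It assumes compact JSON.generate output and the AWS EC2 tag limits of 128 characters per key and 256 per value; flatten_tags, tag_problems and SAMPLE_TAGS are hypothetical names. A structured tag such as change_history grows with every release, so the check reports values that would no longer fit.

```ruby
require 'json'

# AWS limits for EC2 resource tags: keys up to 128 characters, values up to 256.
MAX_KEY_LEN   = 128
MAX_VALUE_LEN = 256

# Convert a Puppet-style tags hash into flat AWS key/value strings.
# Strings pass through unchanged; hashes and arrays become JSON strings.
# Assumption: compact JSON.generate output stands in for the provider's encoding.
def flatten_tags(tags)
  tags.each_with_object({}) do |(key, value), out|
    out[key.to_s] = case value
                    when Hash, Array then JSON.generate(value)
                    else value.to_s
                    end
  end
end

# Return a list of problems that would make AWS reject the encoded tags.
def tag_problems(tags)
  problems = []
  flatten_tags(tags).each do |key, value|
    problems << "#{key}: key longer than #{MAX_KEY_LEN} characters" if key.length > MAX_KEY_LEN
    problems << "#{key}: 'aws:' prefix is reserved" if key.start_with?('aws:')
    if value.length > MAX_VALUE_LEN
      problems << "#{key}: value is #{value.length} characters, limit is #{MAX_VALUE_LEN}"
    end
  end
  problems
end

# Constructed sample mirroring the 'complex' declaration above.
SAMPLE_TAGS = {
  'roles' => ['authenticator', 'sessions'],
  'change_history' => [
    { 'date' => '20170328', 'version' => '1.4.1', 'notes' => 'patch for issue: EXAP-1043' },
    { 'date' => '20170326', 'version' => '1.4.0', 'notes' => 'Release 1.4.0' }
  ]
}.freeze

if __FILE__ == $PROGRAM_NAME
  flatten_tags(SAMPLE_TAGS).each { |k, v| puts "#{k} (#{v.length} chars): #{v}" }
  puts tag_problems(SAMPLE_TAGS)
end
```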

Parameters

  • cidr (defaults to: 192.168.0.0/24)

    The VPC's CIDR defines the IP address space that can be contained within this VPC. Subnets can only be created using address ranges that fall within the scope of this CIDR.

  • name (namevar)

    The VPC name must be unique both within this Puppet manifest and within the AWS region for this AWS account.

  • region (defaults to: us-east-1)

    The region parameter is required for all Puppet actions on this resource. It needs to follow the 'us-east-1' style, and not the 'N. Virginia' format. Changing this parameter does not move the resource from one region to another, but it may create a new resource in the new region, and will completely ignore the existing resource in the old region.