ansible.builtin.ec2_vpc_route_table (v2.7.16) — module

Manage route tables for AWS virtual private clouds

Added in version 2.0 of ansible.builtin
Authors: Robert Estelle (@erydo), Rob White (@wimnat), Will Thames (@willthames)
Status: stableinterface | Supported by: certified

Install with: pip install ansible==2.7.16
```yaml
# Note: These examples do not set authentication details, see the AWS Guide for details.

# Basic creation example:
- name: Set up public subnet route table
  ec2_vpc_route_table:
    vpc_id: vpc-1245678
    region: us-west-1
    tags:
      Name: Public
    subnets:
      - "{{ jumpbox_subnet.subnet.id }}"
      - "{{ frontend_subnet.subnet.id }}"
      - "{{ vpn_subnet.subnet_id }}"
    routes:
      - dest: 0.0.0.0/0
        gateway_id: "{{ igw.gateway_id }}"
  register: public_route_table

- name: Set up NAT-protected route table
  ec2_vpc_route_table:
    vpc_id: vpc-1245678
    region: us-west-1
    tags:
      Name: Internal
    subnets:
      - "{{ application_subnet.subnet.id }}"
      - 'Database Subnet'
      - '10.0.0.0/8'
    routes:
      - dest: 0.0.0.0/0
        instance_id: "{{ nat.instance_id }}"
  register: nat_route_table

- name: delete route table
  ec2_vpc_route_table:
    vpc_id: vpc-1245678
    region: us-west-1
    route_table_id: "{{ route_table.id }}"
    lookup: id
    state: absent
```
```yaml
tags:
  aliases:
    - resource_tags
  description: 'A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.'
state:
  choices:
    - present
    - absent
  default: present
  description: Create or destroy the VPC route table
lookup:
  choices:
    - tag
    - id
  default: tag
  description: Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
region:
  aliases:
    - aws_region
    - ec2_region
  description:
    - The AWS region to use.
    - For global services such as IAM, Route53 and CloudFront, I(region) is ignored.
    - The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used.
    - See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region).
    - The C(ec2_region) alias has been deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_REGION) environment variable has been deprecated and will be removed in a release after 2024-12-01.
  type: str
routes:
  description: List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
vpc_id:
  description: VPC ID of the VPC in which to create the route table.
  required: true
profile:
  aliases:
    - aws_profile
  description:
    - A named AWS profile to use for authentication.
    - See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html).
    - The C(AWS_PROFILE) environment variable may also be used.
    - The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key) and I(security_token) options.
  type: str
subnets:
  description: An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
access_key:
  aliases:
    - aws_access_key_id
    - aws_access_key
    - ec2_access_key
  description:
    - AWS access key ID.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables may also be used in decreasing order of preference.
    - The I(aws_access_key) and I(profile) options are mutually exclusive.
    - The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the AWS botocore SDK.
    - The I(ec2_access_key) alias has been deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01.
  type: str
aws_config:
  description:
    - A dictionary to modify the botocore configuration.
    - Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
  type: dict
purge_tags:
  default: 'no'
  description: Purge existing tags that are not found in route table
  type: bool
  version_added: '2.5'
  version_added_collection: ansible.builtin
secret_key:
  aliases:
    - aws_secret_access_key
    - aws_secret_key
    - ec2_secret_key
  description:
    - AWS secret access key.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment variables may also be used in decreasing order of preference.
    - The I(secret_key) and I(profile) options are mutually exclusive.
    - The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with the AWS botocore SDK.
    - The I(ec2_secret_key) alias has been deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will be removed in a release after 2024-12-01.
  type: str
endpoint_url:
  aliases:
    - ec2_url
    - aws_endpoint_url
    - s3_url
  description:
    - URL to connect to instead of the default AWS endpoints. While this can be used to connect to other AWS-compatible services the amazon.aws and community.aws collections are only tested against AWS.
    - The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing order of preference.
    - The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_URL) environment variable has been deprecated and will be removed in a release after 2024-12-01.
  type: str
purge_routes:
  default: 'yes'
  description: Purge existing routes that are not found in routes.
  type: bool
  version_added: '2.3'
  version_added_collection: ansible.builtin
aws_ca_bundle:
  description:
    - The location of a CA Bundle to use when validating SSL certificates.
    - The C(AWS_CA_BUNDLE) environment variable may also be used.
  type: path
purge_subnets:
  default: 'true'
  description: Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
  version_added: '2.3'
  version_added_collection: ansible.builtin
session_token:
  aliases:
    - aws_session_token
    - security_token
    - aws_security_token
    - access_token
  description:
    - AWS STS session token for use with temporary credentials.
    - See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
    - The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment variables may also be used in decreasing order of preference.
    - The I(security_token) and I(profile) options are mutually exclusive.
    - Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with the parameter being renamed from I(security_token) to I(session_token) in release 6.0.0.
    - The I(security_token), I(aws_security_token), and I(access_token) aliases have been deprecated and will be removed in a release after 2024-12-01.
    - Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables has been deprecated and will be removed in a release after 2024-12-01.
  type: str
route_table_id:
  description: The ID of the route table to update or delete.
validate_certs:
  default: true
  description:
    - When set to C(false), SSL certificates will not be validated for communication with the AWS APIs.
    - Setting I(validate_certs=false) is strongly discouraged; as an alternative, consider setting I(aws_ca_bundle) instead.
  type: bool
propagating_vgw_ids:
  description: Enable route propagation from virtual gateways specified by ID.
debug_botocore_endpoint_logs:
  default: false
  description:
    - Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action") API calls made during a task, outputting the set to the resource_actions key in the task results. Use the C(aws_resource_action) callback to output the total list made during a playbook.
    - The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used.
  type: bool
```
```yaml
route_table:
  contains:
    associations:
      contains:
        main:
          description: Whether this is the main route table
          returned: always
          sample: false
          type: bool
        route_table_association_id:
          description: ID of association between route table and subnet
          returned: always
          sample: rtbassoc-ab47cfc3
          type: string
        route_table_id:
          description: ID of the route table
          returned: always
          sample: rtb-bf779ed7
          type: string
        subnet_id:
          description: ID of the subnet
          returned: always
          sample: subnet-82055af9
          type: string
      description: List of subnets associated with the route table
      returned: always
      type: complex
    id:
      description: ID of the route table (same as route_table_id for backwards compatibility)
      returned: always
      sample: rtb-bf779ed7
      type: string
    propagating_vgws:
      description: List of Virtual Private Gateways propagating routes
      returned: always
      sample: []
      type: list
    route_table_id:
      description: ID of the route table
      returned: always
      sample: rtb-bf779ed7
      type: string
    routes:
      contains:
        destination_cidr_block:
          description: CIDR block of destination
          returned: always
          sample: 10.228.228.0/22
          type: string
        gateway_id:
          description: ID of the gateway
          returned: when gateway is local or internet gateway
          sample: local
          type: string
        instance_id:
          description: ID of a NAT instance
          returned: when the route is via an EC2 instance
          sample: i-abcd123456789
          type: string
        instance_owner_id:
          description: AWS account owning the NAT instance
          returned: when the route is via an EC2 instance
          sample: 123456789012
          type: string
        nat_gateway_id:
          description: ID of the NAT gateway
          returned: when the route is via a NAT gateway
          sample: local
          type: string
        origin:
          description: mechanism through which the route is in the table
          returned: always
          sample: CreateRouteTable
          type: string
        state:
          description: state of the route
          returned: always
          sample: active
          type: string
      description: List of routes in the route table
      returned: always
      type: complex
    tags:
      description: Tags applied to the route table
      returned: always
      sample:
        Name: Public route table
        Public: 'true'
      type: dict
    vpc_id:
      description: ID for the VPC in which the route lives
      returned: always
      sample: vpc-6e2d2407
      type: string
  description: Route Table result
  returned: always
  type: complex
```
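The `route_table` return value documented above carries enough detail to check, after a play, whether a table exposes subnets that were never meant to be internet-facing. The following is an added example, not code from the module or its documentation; it reads only the documented `routes` and `associations` fields. The function names, the allow-list parameter and the sample IDs `subnet-0example1` and `igw-0example` are hypothetical, and it assumes internet gateway IDs begin with `igw-`.

```python
# Audit the documented `route_table` return value for internet exposure.
DEFAULT_ROUTE = "0.0.0.0/0"

# Constructed sample shaped like the return value documented on this page.
SAMPLE = {
    "route_table_id": "rtb-bf779ed7",
    "associations": [
        {"main": False, "subnet_id": "subnet-82055af9"},
        {"main": False, "subnet_id": "subnet-0example1"},
    ],
    "routes": [
        {"destination_cidr_block": "10.228.228.0/22", "gateway_id": "local", "state": "active"},
        {"destination_cidr_block": "0.0.0.0/0", "gateway_id": "igw-0example", "state": "active"},
    ],
}


def internet_routes(route_table):
    """Return active default routes that target an internet gateway."""
    hits = []
    for route in route_table.get("routes", []):
        # gateway_id is returned only for local/internet-gateway routes, so it
        # can be missing (or None) on NAT-instance and NAT-gateway routes.
        gateway = route.get("gateway_id") or ""
        if (route.get("destination_cidr_block") == DEFAULT_ROUTE
                and gateway.startswith("igw-")  # assumption: AWS IGW ID prefix
                and route.get("state") == "active"):
            hits.append(route)
    return hits


def audit_route_table(route_table, public_subnets):
    """List findings; public_subnets is a hypothetical allow-list of subnet IDs."""
    if not internet_routes(route_table):
        return []
    table_id = route_table.get("route_table_id", "<unknown>")
    findings = []
    for assoc in route_table.get("associations", []):
        if assoc.get("main"):
            # Subnets without an explicit association use the main table.
            findings.append(f"{table_id}: main table routes to an internet gateway")
        subnet = assoc.get("subnet_id")
        if subnet and subnet not in public_subnets:
            findings.append(f"{table_id}: {subnet} is internet-routable, not allow-listed")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_route_table(SAMPLE, {"subnet-82055af9"})))
```

Feed it the `route_table` key of a registered result, such as `public_route_table.route_table` from the first example, together with the subnet IDs that are intended to be public.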