boto3_vpc

Manage VPCs using boto3.

Renamed from boto_vpc to boto3_vpc and updated to call the refactored boto3_vpc execution module.

Create and destroy VPCs. Be aware that this interacts with Amazon’s services, and so may incur charges.

depends:

• boto3 >= 1.28.0

• botocore >= 1.31.0

This module uses boto3, which can be installed via package, or pip.

This module accepts explicit VPC credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion’s config file:

vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It’s also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    region: us-east-1

Ensure VPC exists:
  boto3_vpc.present:
    - name: myvpc
    - cidr_block: 10.10.11.0/24
    - region: us-east-1

Ensure subnet exists:
  boto3_vpc.subnet_present:
    - name: mysubnet
    - vpc_id: vpc-123456
    - cidr_block: 10.0.0.0/16
    - region: us-east-1
    - profile: myprofile

Added in version 1.0.0.

saltext.boto3.states.boto3_vpc.__virtual__()

Only load if the boto3_vpc execution module is available.

saltext.boto3.states.boto3_vpc.present(name, cidr_block, instance_tenancy=None, dns_support=None, dns_hostnames=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure a VPC with the supplied properties exists.

name

Name of the VPC.

cidr_block

The range of IPs in CIDR format, e.g. 10.0.0.0/24.

instance_tenancy

Tenancy for instances launched in this VPC (default or dedicated).

dns_support

Whether DNS resolution is supported for the VPC.

dns_hostnames

Whether instances launched in the VPC receive DNS hostnames.

tags

Dict of tag key/values to apply.

region, key, keyid, profile

Standard boto3 connection arguments.

Example:

ensure-present:
  boto3_vpc.present:
    - name: example

saltext.boto3.states.boto3_vpc.absent(name, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure the named VPC is absent.

name

Name of the VPC.

tags

Optional tag filter; all tags must match.

Example:

ensure-absent:
  boto3_vpc.absent:
    - name: example

saltext.boto3.states.boto3_vpc.dhcp_options_present(name, dhcp_options_id=None, vpc_name=None, vpc_id=None, domain_name=None, domain_name_servers=None, ntp_servers=None, netbios_name_servers=None, netbios_node_type=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure a DHCP options set with the given settings exists.

Note

This implementation only sets values during option set creation. It cannot update an existing option set in place.

name

Name of the DHCP options set.

Example:

ensure-dhcp-options-present:
  boto3_vpc.dhcp_options_present:
    - name: example

saltext.boto3.states.boto3_vpc.dhcp_options_absent(name=None, dhcp_options_id=None, region=None, key=None, keyid=None, profile=None)

Ensure a DHCP options set is absent.

Example:

ensure-dhcp-options-absent:
  boto3_vpc.dhcp_options_absent:
    - name: example

saltext.boto3.states.boto3_vpc.subnet_present(name, cidr_block, vpc_name=None, vpc_id=None, availability_zone=None, tags=None, region=None, key=None, keyid=None, profile=None, auto_assign_public_ipv4=False)

Ensure a subnet exists.

Note

Route table association is not handled by the boto3_vpc subnet states yet; that will land with the route_table port.

name

Name of the subnet.

cidr_block

The range of IPs for the subnet, in CIDR format.

vpc_name / vpc_id

Identify the VPC the subnet belongs to (one is required).

availability_zone

Optional AZ to place the subnet in.

auto_assign_public_ipv4

If True, instances launched into this subnet will be assigned a public IPv4 address by default.

Example:

ensure-subnet-present:
  boto3_vpc.subnet_present:
    - name: example

saltext.boto3.states.boto3_vpc.subnet_absent(name=None, subnet_id=None, region=None, key=None, keyid=None, profile=None)

Ensure a subnet is absent.

Example:

ensure-subnet-absent:
  boto3_vpc.subnet_absent:
    - name: example

saltext.boto3.states.boto3_vpc.internet_gateway_present(name, vpc_name=None, vpc_id=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure an internet gateway exists.

name

Name of the internet gateway.

vpc_name

Name of the VPC to which the internet gateway should be attached.

vpc_id

Id of the VPC to which the internet_gateway should be attached. Only one of vpc_name or vpc_id may be provided.

tags

A list of tags.

region, key, keyid, profile

Standard boto3 connection arguments.

Example:

ensure-internet-gateway-present:
  boto3_vpc.internet_gateway_present:
    - name: example

saltext.boto3.states.boto3_vpc.internet_gateway_absent(name, detach=False, region=None, key=None, keyid=None, profile=None)

Ensure the named internet gateway is absent.

name

Name of the internet gateway.

detach

First detach the internet gateway from a VPC, if attached.

Example:

ensure-internet-gateway-absent:
  boto3_vpc.internet_gateway_absent:
    - name: example

saltext.boto3.states.boto3_vpc.route_table_present(name, vpc_name=None, vpc_id=None, routes=None, subnet_ids=None, subnet_names=None, tags=None, region=None, key=None, keyid=None, profile=None)

Ensure route table with routes exists and is associated to a VPC.

Example:

boto3_vpc.route_table_present:
  - name: my_route_table
  - vpc_id: vpc-123456
  - routes:
    - destination_cidr_block: 0.0.0.0/0
      internet_gateway_name: InternetGateway
    - destination_cidr_block: 10.10.11.0/24
      instance_id: i-123456
    - destination_cidr_block: 10.10.12.0/24
      interface_id: eni-123456
  - subnet_names:
    - subnet1
    - subnet2

saltext.boto3.states.boto3_vpc.route_table_absent(name, region=None, key=None, keyid=None, profile=None)

Ensure the named route table is absent.

Example:

ensure-route-table-absent:
  boto3_vpc.route_table_absent:
    - name: example

saltext.boto3.states.boto3_vpc.nat_gateway_present(name, subnet_name=None, subnet_id=None, region=None, key=None, keyid=None, profile=None, allocation_id=None)

Ensure a nat gateway exists within the specified subnet.

Example:

boto3_vpc.nat_gateway_present:
  - subnet_name: my-subnet

saltext.boto3.states.boto3_vpc.nat_gateway_absent(name=None, subnet_name=None, subnet_id=None, region=None, key=None, keyid=None, profile=None, wait_for_delete_retries=0)

Ensure the nat gateway in the named subnet is absent.

Example:

ensure-nat-gateway-absent:
  boto3_vpc.nat_gateway_absent:
    - name: example

saltext.boto3.states.boto3_vpc.accept_vpc_peering_connection(name=None, conn_id=None, conn_name=None, region=None, key=None, keyid=None, profile=None)

Accept a VPC pending requested peering connection between two VPCs.

Example:

boto3_vpc.accept_vpc_peering_connection:
  - conn_name: salt_peering_connection

saltext.boto3.states.boto3_vpc.request_vpc_peering_connection(name, requester_vpc_id=None, requester_vpc_name=None, peer_vpc_id=None, peer_vpc_name=None, conn_name=None, peer_owner_id=None, peer_region=None, region=None, key=None, keyid=None, profile=None)

Request a VPC peering connection between two VPCs.

Example:

request a vpc peering connection:
  boto3_vpc.request_vpc_peering_connection:
    - requester_vpc_id: vpc-4b3522e
    - peer_vpc_id: vpc-ae83f9ca
    - conn_name: salt_peering_connection

saltext.boto3.states.boto3_vpc.vpc_peering_connection_present(name, requester_vpc_id=None, requester_vpc_name=None, peer_vpc_id=None, peer_vpc_name=None, conn_name=None, peer_owner_id=None, peer_region=None, region=None, key=None, keyid=None, profile=None)

Ensure a VPC peering connection is present.

Example:

ensure-vpc-peering-connection-present:
  boto3_vpc.vpc_peering_connection_present:
    - name: example

saltext.boto3.states.boto3_vpc.vpc_peering_connection_absent(name, conn_id=None, conn_name=None, region=None, key=None, keyid=None, profile=None)

Ensure a VPC peering connection is absent.

Example:

ensure-vpc-peering-connection-absent:
  boto3_vpc.vpc_peering_connection_absent:
    - name: example

saltext.boto3.states.boto3_vpc.delete_vpc_peering_connection(name, conn_id=None, conn_name=None, region=None, key=None, keyid=None, profile=None)

Delete a VPC peering connection.

Example:

ensure-delete-vpc-peering-connection:
  boto3_vpc.delete_vpc_peering_connection:
    - name: example