salt.modules.boto_vpc

Connection module for Amazon VPC

2014.7.0 新版功能.

configuration:

This module accepts explicit VPC credentials but can also utilize IAM roles assigned to the instance trough Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

If IAM roles are not used you need to specify them either in a pillar or in the minion's config file:

vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

A region may also be specified in the configuration:

vpc.region: us-east-1

If a region is not specified, the default is us-east-1.

It's also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    region: us-east-1

在 2015.8.0 版更改: All methods now return a dictionary. Create and delete methods return:

created: true

or

created: false
error:
  message: error message

Request methods (e.g., describe_vpc) return:

vpcs:
  - {...}
  - {...}

or

error:
  message: error message
depends:boto
salt.modules.boto_vpc.associate_dhcp_options_to_vpc(dhcp_options_id, vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)

Given valid DHCP options id and a valid VPC id, associate the DHCP options record with the VPC.

Returns True if the DHCP options record were associated and returns False if the DHCP options record was not associated.

CLI Example:

salt myminion boto_vpc.associate_dhcp_options_to_vpc 'dhcp-a0bl34pp' 'vpc-6b1fe402'
salt.modules.boto_vpc.associate_network_acl_to_subnet(network_acl_id=None, subnet_id=None, network_acl_name=None, subnet_name=None, region=None, key=None, keyid=None, profile=None)

Given a network acl and subnet ids or names, associate a network acl to a subnet.

CLI Example:

salt myminion boto_vpc.associate_network_acl_to_subnet \
        network_acl_id='acl-5fb85d36' subnet_id='subnet-6a1fe403'
salt myminion boto_vpc.associate_network_acl_to_subnet \
        network_acl_id='myacl' subnet_id='mysubnet'
salt.modules.boto_vpc.associate_route_table(route_table_id=None, subnet_id=None, route_table_name=None, subnet_name=None, region=None, key=None, keyid=None, profile=None)

Given a route table and subnet name or id, associates the route table with the subnet.

CLI Example:

salt myminion boto_vpc.associate_route_table 'rtb-1f382e7d' 'subnet-6a1fe403'
salt myminion boto_vpc.associate_route_table route_table_name='myrtb' \
        subnet_name='mysubnet'
salt.modules.boto_vpc.check_vpc(vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)

Check whether a VPC with the given name or id exists. Returns the vpc_id or None. Raises SaltInvocationError if both vpc_id and vpc_name are None. Optionally raise a CommandExecutionError if the VPC does not exist.

2016.3.0 新版功能.

CLI Example:

salt myminion boto_vpc.check_vpc vpc_name=myvpc profile=awsprofile
salt.modules.boto_vpc.create(cidr_block, instance_tenancy=None, vpc_name=None, enable_dns_support=None, enable_dns_hostnames=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a valid CIDR block, create a VPC.

An optional instance_tenancy argument can be provided. If provided, the valid values are 'default' or 'dedicated'

An optional vpc_name argument can be provided.

Returns {created: true} if the VPC was created and returns {created: False} if the VPC was not created.

CLI Example:

salt myminion boto_vpc.create '10.0.0.0/24'
salt.modules.boto_vpc.create_customer_gateway(vpn_connection_type, ip_address, bgp_asn, customer_gateway_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a valid VPN connection type, a static IP address and a customer gateway’s Border Gateway Protocol (BGP) Autonomous System Number, create a customer gateway.

Returns the customer gateway id if the customer gateway was created and returns False if the customer gateway was not created.

CLI Example:

salt myminion boto_vpc.create_customer_gateway 'ipsec.1', '12.1.2.3', 65534
salt.modules.boto_vpc.create_dhcp_options(domain_name=None, domain_name_servers=None, ntp_servers=None, netbios_name_servers=None, netbios_node_type=None, dhcp_options_name=None, tags=None, vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)

Given valid DHCP options, create a DHCP options record, optionally associating it with an existing VPC.

Returns True if the DHCP options record was created and returns False if the DHCP options record was not deleted.

在 2015.8.0 版更改: Added vpc_name and vpc_id arguments

CLI Example:

salt myminion boto_vpc.create_dhcp_options domain_name='example.com' \
        domain_name_servers='[1.2.3.4]' ntp_servers='[5.6.7.8]' \
        netbios_name_servers='[10.0.0.1]' netbios_node_type=1 \
        vpc_name='myvpc'
salt.modules.boto_vpc.create_internet_gateway(internet_gateway_name=None, vpc_id=None, vpc_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Create an Internet Gateway, optionally attaching it to an existing VPC.

Returns the internet gateway id if the internet gateway was created and returns False if the internet gateways was not created.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.create_internet_gateway \
        internet_gateway_name=myigw vpc_name=myvpc
salt.modules.boto_vpc.create_network_acl(vpc_id=None, vpc_name=None, network_acl_name=None, subnet_id=None, subnet_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a vpc_id, creates a network acl.

Returns the network acl id if successful, otherwise returns False.

在 2015.8.0 版更改: Added vpc_name, subnet_id, and subnet_name arguments

CLI Example:

salt myminion boto_vpc.create_network_acl 'vpc-6b1fe402'
salt.modules.boto_vpc.create_network_acl_entry(network_acl_id=None, rule_number=None, protocol=None, rule_action=None, cidr_block=None, egress=None, network_acl_name=None, icmp_code=None, icmp_type=None, port_range_from=None, port_range_to=None, region=None, key=None, keyid=None, profile=None)

Creates a network acl entry.

CLI Example:

salt myminion boto_vpc.create_network_acl_entry 'acl-5fb85d36' '32767' \
        'all' 'deny' '0.0.0.0/0' egress=true
salt.modules.boto_vpc.create_route(route_table_id=None, destination_cidr_block=None, route_table_name=None, gateway_id=None, internet_gateway_name=None, instance_id=None, interface_id=None, region=None, key=None, keyid=None, profile=None)

Creates a route.

CLI Example:

salt myminion boto_vpc.create_route 'rtb-1f382e7d' '10.0.0.0/16' gateway_id='vgw-a1b2c3'
salt.modules.boto_vpc.create_route_table(vpc_id=None, vpc_name=None, route_table_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Creates a route table.

在 2015.8.0 版更改: Added vpc_name argument

CLI Examples:

salt myminion boto_vpc.create_route_table vpc_id='vpc-6b1fe402' \
        route_table_name='myroutetable'
salt myminion boto_vpc.create_route_table vpc_name='myvpc' \
        route_table_name='myroutetable'
salt.modules.boto_vpc.create_subnet(vpc_id=None, cidr_block=None, vpc_name=None, availability_zone=None, subnet_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a valid VPC ID or Name and a CIDR block, create a subnet for the VPC.

An optional availability zone argument can be provided.

Returns True if the VPC subnet was created and returns False if the VPC subnet was not created.

在 2015.8.0 版更改: Added vpc_name argument

CLI Examples:

salt myminion boto_vpc.create_subnet vpc_id='vpc-6b1fe402' \
        subnet_name='mysubnet' cidr_block='10.0.0.0/25'
salt myminion boto_vpc.create_subnet vpc_name='myvpc' \
        subnet_name='mysubnet', cidr_block='10.0.0.0/25'
salt.modules.boto_vpc.customer_gateway_exists(customer_gateway_id=None, customer_gateway_name=None, region=None, key=None, keyid=None, profile=None)

Given a customer gateway ID, check if the customer gateway ID exists.

Returns True if the customer gateway ID exists; Returns False otherwise.

CLI Example:

salt myminion boto_vpc.customer_gateway_exists cgw-b6a247df
salt myminion boto_vpc.customer_gateway_exists customer_gatway_name=mycgw
salt.modules.boto_vpc.delete(vpc_id=None, name=None, vpc_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a VPC ID or VPC name, delete the VPC.

Returns {deleted: true} if the VPC was deleted and returns {deleted: false} if the VPC was not deleted.

CLI Example:

salt myminion boto_vpc.delete vpc_id='vpc-6b1fe402'
salt myminion boto_vpc.delete name='myvpc'
salt.modules.boto_vpc.delete_customer_gateway(customer_gateway_id=None, customer_gateway_name=None, region=None, key=None, keyid=None, profile=None)

Given a customer gateway ID or name, delete the customer gateway.

Returns True if the customer gateway was deleted and returns False if the customer gateway was not deleted.

在 2015.8.0 版更改: Added customer_gateway_name argument

CLI Example:

salt myminion boto_vpc.delete_customer_gateway 'cgw-b6a247df'
salt.modules.boto_vpc.delete_dhcp_options(dhcp_options_id=None, dhcp_options_name=None, region=None, key=None, keyid=None, profile=None)

Delete dhcp options by id or name.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.delete_dhcp_options 'dopt-b6a247df'
salt.modules.boto_vpc.delete_internet_gateway(internet_gateway_id=None, internet_gateway_name=None, detach=False, region=None, key=None, keyid=None, profile=None)

Delete an internet gateway (by name or id).

Returns True if the internet gateway was deleted and otherwise False.

2015.8.0 新版功能.

CLI Examples:

salt myminion boto_vpc.delete_internet_gateway internet_gateway_id=igw-1a2b3c
salt myminion boto_vpc.delete_internet_gateway internet_gateway_name=myigw
salt.modules.boto_vpc.delete_network_acl(network_acl_id=None, network_acl_name=None, disassociate=False, region=None, key=None, keyid=None, profile=None)

Delete a network acl based on the network_acl_id or network_acl_name provided.

CLI Examples:

salt myminion boto_vpc.delete_network_acl network_acl_id='acl-5fb85d36' \
        disassociate=false
salt myminion boto_vpc.delete_network_acl network_acl_name='myacl' \
        disassociate=true
salt.modules.boto_vpc.delete_network_acl_entry(network_acl_id=None, rule_number=None, egress=None, network_acl_name=None, region=None, key=None, keyid=None, profile=None)

Deletes a network acl entry.

CLI Example:

salt myminion boto_vpc.delete_network_acl_entry 'acl-5fb85d36' '32767'
salt.modules.boto_vpc.delete_route(route_table_id=None, destination_cidr_block=None, route_table_name=None, region=None, key=None, keyid=None, profile=None)

Deletes a route.

CLI Example:

salt myminion boto_vpc.delete_route 'rtb-1f382e7d' '10.0.0.0/16'
salt.modules.boto_vpc.delete_route_table(route_table_id=None, route_table_name=None, region=None, key=None, keyid=None, profile=None)

Deletes a route table.

CLI Examples:

salt myminion boto_vpc.delete_route_table route_table_id='rtb-1f382e7d'
salt myminion boto_vpc.delete_route_table route_table_name='myroutetable'
salt.modules.boto_vpc.delete_subnet(subnet_id=None, subnet_name=None, region=None, key=None, keyid=None, profile=None)

Given a subnet ID or name, delete the subnet.

Returns True if the subnet was deleted and returns False if the subnet was not deleted.

在 2015.8.0 版更改: Added subnet_name argument

CLI Example:

salt myminion boto_vpc.delete_subnet 'subnet-6a1fe403'
salt.modules.boto_vpc.describe(vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)

Given a VPC ID describe its properties.

Returns a dictionary of interesting properties.

在 2015.8.0 版更改: Added vpc_name argument

CLI Example:

salt myminion boto_vpc.describe vpc_id=vpc-123456
salt myminion boto_vpc.describe vpc_name=myvpc
salt.modules.boto_vpc.describe_route_table(route_table_id=None, route_table_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given route table properties, return route table details if matching table(s) exist.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.describe_route_table route_table_id='rtb-1f382e7d'
salt.modules.boto_vpc.describe_subnet(subnet_id=None, subnet_name=None, region=None, key=None, keyid=None, profile=None)

Given a subnet id or name, describe its properties.

Returns a dictionary of interesting properties.

2015.8.0 新版功能.

CLI Examples:

salt myminion boto_vpc.describe_subnet subnet_id=subnet-123456
salt myminion boto_vpc.describe_subnet subnet_name=mysubnet
salt.modules.boto_vpc.describe_subnets(subnet_ids=None, subnet_names=None, vpc_id=None, cidr=None, region=None, key=None, keyid=None, profile=None)

Given a VPC ID or subnet CIDR, returns a list of associated subnets and their details. Return all subnets if VPC ID or CIDR are not provided. If a subnet id or CIDR is provided, only its associated subnet details will be returned.

2015.8.0 新版功能.

CLI Examples:

salt myminion boto_vpc.describe_subnets
salt myminion boto_vpc.describe_subnets subnet_ids=['subnet-ba1987ab', 'subnet-ba1987cd']
salt myminion boto_vpc.describe_subnets vpc_id=vpc-123456
salt myminion boto_vpc.describe_subnets cidr=10.0.0.0/21
salt.modules.boto_vpc.describe_vpcs(vpc_id=None, name=None, cidr=None, tags=None, region=None, key=None, keyid=None, profile=None)

Describe all VPCs, matching the filter criteria if provided.

Returns a a list of dictionaries with interesting properties.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.describe_vpcs
salt.modules.boto_vpc.dhcp_options_exists(dhcp_options_id=None, name=None, dhcp_options_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Check if a dhcp option exists.

Returns True if the dhcp option exists; Returns False otherwise.

CLI Example:

salt myminion boto_vpc.dhcp_options_exists dhcp_options_id='dhcp-a0bl34pp'
salt.modules.boto_vpc.disassociate_network_acl(subnet_id=None, vpc_id=None, subnet_name=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)

Given a subnet ID, disassociates a network acl.

CLI Example:

salt myminion boto_vpc.disassociate_network_acl 'subnet-6a1fe403'
salt.modules.boto_vpc.disassociate_route_table(association_id, region=None, key=None, keyid=None, profile=None)

Dissassociates a route table.

association_id
The Route Table Association ID to disassociate

CLI Example:

salt myminion boto_vpc.disassociate_route_table 'rtbassoc-d8ccddba'
salt.modules.boto_vpc.exists(vpc_id=None, name=None, cidr=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a VPC ID, check to see if the given VPC ID exists.

Returns True if the given VPC ID exists and returns False if the given VPC ID does not exist.

CLI Example:

salt myminion boto_vpc.exists myvpc
salt.modules.boto_vpc.get_dhcp_options(dhcp_options_name=None, dhcp_options_id=None, region=None, key=None, keyid=None, profile=None)

Return a dict with the current values of the requested DHCP options set

CLI Example:

salt myminion boto_vpc.get_dhcp_options 'myfunnydhcpoptionsname'

2016.3.0 新版功能.

salt.modules.boto_vpc.get_id(name=None, cidr=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given VPC properties, return the VPC id if a match is found.

CLI Example:

salt myminion boto_vpc.get_id myvpc
salt.modules.boto_vpc.get_resource_id(resource, name=None, resource_id=None, region=None, key=None, keyid=None, profile=None)

Get an AWS id for a VPC resource by type and name.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.get_resource_id internet_gateway myigw
salt.modules.boto_vpc.get_subnet_association(subnets, region=None, key=None, keyid=None, profile=None)

Given a subnet (aka: a vpc zone identifier) or list of subnets, returns vpc association.

Returns a VPC ID if the given subnets are associated with the same VPC ID. Returns False on an error or if the given subnets are associated with different VPC IDs.

CLI Examples:

salt myminion boto_vpc.get_subnet_association subnet-61b47516
salt myminion boto_vpc.get_subnet_association ['subnet-61b47516','subnet-2cb9785b']
salt.modules.boto_vpc.network_acl_exists(network_acl_id=None, name=None, network_acl_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Checks if a network acl exists.

Returns True if the network acl exists or returns False if it doesn't exist.

CLI Example:

salt myminion boto_vpc.network_acl_exists network_acl_id='acl-5fb85d36'
salt.modules.boto_vpc.replace_network_acl_entry(network_acl_id=None, rule_number=None, protocol=None, rule_action=None, cidr_block=None, egress=None, network_acl_name=None, icmp_code=None, icmp_type=None, port_range_from=None, port_range_to=None, region=None, key=None, keyid=None, profile=None)

Replaces a network acl entry.

CLI Example:

salt myminion boto_vpc.replace_network_acl_entry 'acl-5fb85d36' '32767' \
        'all' 'deny' '0.0.0.0/0' egress=true
salt.modules.boto_vpc.replace_route(route_table_id=None, destination_cidr_block=None, route_table_name=None, gateway_id=None, instance_id=None, interface_id=None, region=None, key=None, keyid=None, profile=None)

Replaces a route.

CLI Example:

salt myminion boto_vpc.replace_route 'rtb-1f382e7d' '10.0.0.0/16' gateway_id='vgw-a1b2c3'
salt.modules.boto_vpc.replace_route_table_association(association_id, route_table_id, region=None, key=None, keyid=None, profile=None)

Replaces a route table association.

CLI Example:

salt myminion boto_vpc.replace_route_table_association 'rtbassoc-d8ccddba' 'rtb-1f382e7d'
salt.modules.boto_vpc.resource_exists(resource, name=None, resource_id=None, tags=None, region=None, key=None, keyid=None, profile=None)

Given a resource type and name, return {exists: true} if it exists, {exists: false} if it does not exist, or {error: {message: error text} on error.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.resource_exists internet_gateway myigw
salt.modules.boto_vpc.route_exists(destination_cidr_block, route_table_name=None, route_table_id=None, gateway_id=None, instance_id=None, interface_id=None, tags=None, region=None, key=None, keyid=None, profile=None)

Checks if a route exists.

2015.8.0 新版功能.

CLI Example:

salt myminion boto_vpc.route_exists destination_cidr_block='10.0.0.0/20' gateway_id='local' route_table_name='test'
salt.modules.boto_vpc.route_table_exists(route_table_id=None, name=None, route_table_name=None, tags=None, region=None, key=None, keyid=None, profile=None)

Checks if a route table exists.

CLI Example:

salt myminion boto_vpc.route_table_exists route_table_id='rtb-1f382e7d'
salt.modules.boto_vpc.subnet_exists(subnet_id=None, name=None, subnet_name=None, cidr=None, tags=None, zones=None, region=None, key=None, keyid=None, profile=None)

Check if a subnet exists.

Returns True if the subnet exists, otherwise returns False.

在 2015.8.0 版更改: Added subnet_name argument Deprecated name argument

CLI Example:

salt myminion boto_vpc.subnet_exists subnet_id='subnet-6a1fe403'