File: //lib/python3.9/site-packages/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/aws.yml
# Provision the VPC that hosts the ISE deployment. The module result is
# registered as `vpc`; the subnet and security-group tasks in this file read
# vpc.vpc.id from it.
- name: Create ISE VPC
  register: vpc
  amazon.aws.ec2_vpc_net:
    region: "{{ aws_region }}"
    name: "{{ aws_vpc_name }}"
    cidr_block: "{{ aws_vpc_cidr }}"
    tags:
      # The tag key is lowercase `name` here, unlike the `Name` tags used by
      # the other tasks in this file.
      name: 'ISE VPC'
# Create the subnet inside the VPC registered above. The result is registered
# as `subnet`; it is not referenced again in this file (presumably the
# included deployment task files consume it; verify there).
- name: Create subnet for ISE servers
  register: subnet
  amazon.aws.ec2_vpc_subnet:
    region: "{{ aws_region }}"
    vpc_id: "{{ vpc.vpc.id }}"
    cidr: "{{ aws_subnet_cidr }}"
    state: present
    tags:
      Name: 'ISE Subnet'
# Security group attached to the ISE VPC. Every ingress rule uses the single
# source range aws_public_access_cidr. The result is registered as `public_sg`.
- name: ISE VPC SG Group
  register: public_sg
  amazon.aws.ec2_group:
    region: "{{ aws_region }}"
    vpc_id: "{{ vpc.vpc.id }}"
    name: 'ISE Public Access'
    description: 'ISE Security Group'
    rules:
      - rule_desc: 'Allow HTTPS access'
        proto: tcp
        from_port: 443
        to_port: 443
        cidr_ip: "{{ aws_public_access_cidr }}"
      # NOTE(review): the next two rules open every TCP and UDP port to
      # aws_public_access_cidr, which makes the HTTPS rule above redundant.
      # Exposure therefore depends entirely on how narrow that variable is:
      # confirm it is never a wide range such as 0.0.0.0/0, or replace these
      # rules with the specific ports the deployment actually requires.
      - rule_desc: 'Allow everything TCP'
        proto: tcp
        from_port: 0
        to_port: 65535
        cidr_ip: "{{ aws_public_access_cidr }}"
      - rule_desc: 'Allow everything UDP'
        proto: udp
        from_port: 0
        to_port: 65535
        cidr_ip: "{{ aws_public_access_cidr }}"
      # ICMP: -1/-1 selects all ICMP types and codes. This rule carries no
      # rule_desc, unlike the others.
      - proto: icmp
        from_port: -1
        to_port: -1
        cidr_ip: "{{ aws_public_access_cidr }}"
    tags:
      Name: 'ISE VPC SG Group'
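# Create (or look up) the EC2 key pair and register the result as `keypair`.
# When the key pair is newly created, the result carries the private key in
# keypair.key.private_key.
- name: ISE ec2 key pair
  amazon.aws.ec2_key:
    name: "{{ aws_keypair_name }}"
    # Key pairs are regional; pin the region like every other AWS task in this
    # file so the key lands where the VPC and subnet are created instead of in
    # whatever region the environment defaults to.
    region: "{{ aws_region }}"
  register: keypair
  # The module result can contain private key material; keep it out of task
  # output, callback plugins and logs. The registered variable stays usable.
  no_log: true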
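# Report which key pair is in use. Only non-secret fields are printed: dumping
# the whole `keypair` result would write keypair.key.private_key to the
# console and to any log or callback output when the key was just created.
- name: Show keypair
  ansible.builtin.debug:
    msg: >-
      Key pair {{ keypair.key.name | default(aws_keypair_name) }}
      (fingerprint {{ keypair.key.fingerprint | default('n/a') }})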
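# Persist the newly created private key next to the playbook. The task is
# skipped when the result holds no private key (the `when` guard below).
- name: Copy keypair to local file
  ansible.builtin.copy:
    dest: "./{{ aws_keypair_name }}.id_rsa"
    content: "{{ keypair.key.private_key }}"
    # Owner read/write only. Without an explicit mode the file is created with
    # umask-derived permissions, which usually leaves a private key readable
    # by other local users (and SSH clients refuse such a key).
    mode: "0600"
  when: keypair.key.private_key is defined
  # `content` is the private key; keep it out of task output, diffs and logs.
  no_log: true
  # NOTE(review): dest is relative to the working directory; make sure that
  # location is excluded from version control and backups.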
# Dispatch to the task file that matches ise_deployment_type. The conditions
# are mutually exclusive; a value other than single/small/medium/large
# matches none of them, so no deployment task file is included.
- ansible.builtin.include_tasks: single_node.yml
  when: ise_deployment_type == 'single'

- ansible.builtin.include_tasks: small_deployment.yml
  when: ise_deployment_type == 'small'

- ansible.builtin.include_tasks: medium_deployment.yml
  when: ise_deployment_type == 'medium'

- ansible.builtin.include_tasks: large_deployment.yml
  when: ise_deployment_type == 'large'