Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: Unspecified
Component/s: cloud-content, Public Cloud
Labels:
- aws
- github

Blocked:
True
Blocked Reason:

Hide

Waiting on contributor response on github issue

Show
Waiting on contributor response on github issue
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

https://github.com/ansible-collections/amazon.aws/issues/1867

1. 1. Summary

I am trying to create a route table used for VPC IGW Ingress Routing that directs inbound traffic to a VPC Endpoint (AWS Network Firewall) as described in the workshop below. To do this, I need to add a route to the route table with "dest = (subnet CIDR)" and "vpc_endpoint_id = (vpce for firewall)".

Therefore, the `ec2_vpc_route_table` should support routes with `vpc_endpoint_id` as the destination or possibly support `vpce-` endpoints for the `gateway_id` parameter with a destination CIDR block inside the VPC (i.e. a subnet CIDR).

This route table will be associated with an IGW using the `gateway_id` top-level parameter (which is different from the route parameter).

1. 1. 1. Additional Cited Information Resources

[VPC route table configuration for AWS Network Firewall
](https://docs.aws.amazon.com/network-firewall/latest/developerguide/vpc-config.html#vpc-config-route-tables)
[boto3: EC2 create_route](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2/routetable/create_route.html) – note the parameter used in the API/SDK is `VpcEndpointId`
[Hands-on Network Firewall Workshop: Lab Two, Step Two](https://catalog.us-east-1.prod.workshops.aws/workshops/d071f444-e854-4f3f-98c8-025fa0d1de2f/en-US/lab-two/step-two) – note the desired route table configuration

1. 1. Issue Type

Feature Idea

1. 1. Component Name

ec2_vpc_route_table

1. 1. Additional Information

```yaml

with VPC CIDR of 10.10.0.0/16 and "protected" subnets 10.10.1.0/24 and 10.10.4.0/24

name: Create gateway route table
amazon.aws.ec2_vpc_route_table:
vpc_id: "{{ vpc_result.vpc.id }}"
gateway_id: "{{ igw_result.gateway_id }}"
routes:
dest: 10.10.1.0/24
vpc_endpoint_id: "vpce-0807bf6d9f4368661" # Endpoint for AWS Network Gateway in AZ A
dest: 10.10.4.0/24
vpc_endpoint_id: "vpce-6d9f43686610807bf" # Endpoint for AWS Network Gateway in AZ B
```

1. 1. Code of Conduct

[X] I agree to follow the Ansible Code of Conduct

Assignee:: Mandar Kulkarni

Reporter:: Jill Rouleau

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/08/21 10:00 PM

Updated:: 2024/09/04 5:38 PM

Resolved:: 2024/09/04 5:38 PM

Details

Description

Attachments

Activity

People

Dates