Trouble with ec2_vpc_vgw

I am trying to run ec2_vpc_vgw just to attach a vpc to a vgw (virtual private gateway). The vgw and vpc both already exist. I don’t need to create them. Here’s what I run:

    - name: attach vpc to virtual private gateway
      ec2_vpc_vgw:
        region: "{{ openshift_aws_region }}"
        vpc_id: "{{ vpcout.vpcs[0].id }}"
        vpn_gateway_id: "{{ openshift_aws_vgw_id }}"

Here is an error that results:

    fatal: [localhost]: FAILED! => {
        "changed": false,
        "invocation": {
            "module_args": {
                "region": "us-east-1",
                "state": "present",
                "type": "ipsec.1",
                "validate_certs": true,
                "vpc_id": "vpc-427cb738",
                "vpn_gateway_id": "vgw-ff0ffe96",
                "wait_timeout": 320
            }
        },
        "msg": "state is present but all of the following are missing: name"
    }

The Ansible modules documentation doesn’t say that name is required. And in this scenario name shouldn’t matter anyway, I’m giving it the specific vgw I want to attach to. The documentation examples don’t give an example of just attaching an existing vpc to an existing vgw. It only has examples for creating a new vgw or deleting one. So it’s no help.

Anyone know what’s going on here? How do I attach an existing vpc to an existing vgw?
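The message in the error above has the shape of an Ansible conditional-requirement (`required_if`) failure, which is checked during argument validation. The following Python sketch is an added example, not code from this thread or from Ansible itself; the rule it attributes to ec2_vpc_vgw is an assumption inferred from the posted error text, and `check_required_if`, `ASSUMED_VGW_RULES` and `POSTED_ARGS` are hypothetical names.

```python
def check_required_if(rules, params):
    """Return error messages for unmet conditional requirements.

    Each rule is (key, value, requirements[, is_one_of]): when params[key]
    equals value, every name in requirements must be set, or at least one
    of them when is_one_of is True.
    """
    errors = []
    for rule in rules:
        key, value, requirements = rule[:3]
        is_one_of = rule[3] if len(rule) > 3 else False
        if params.get(key) != value:
            continue  # the condition does not apply to this invocation
        missing = [r for r in requirements if params.get(r) is None]
        if is_one_of:
            failed, term = len(missing) == len(requirements), "any"
        else:
            failed, term = bool(missing), "all"
        if failed:
            errors.append("%s is %s but %s of the following are missing: %s"
                          % (key, value, term, ", ".join(missing)))
    return errors


# Assumption: a rule of this form is what produces the posted message.
ASSUMED_VGW_RULES = [("state", "present", ["name"])]

# Constructed from the module_args shown in the error output; "state" was not
# set in the task, so "present" is the default the module filled in.
POSTED_ARGS = {
    "region": "us-east-1",
    "state": "present",
    "type": "ipsec.1",
    "validate_certs": True,
    "vpc_id": "vpc-427cb738",
    "vpn_gateway_id": "vgw-ff0ffe96",
    "wait_timeout": 320,
    "name": None,
}

if __name__ == "__main__":
    for message in check_required_if(ASSUMED_VGW_RULES, POSTED_ARGS):
        print(message)
```

A parameter required only under a condition like this is not flagged as required in a module's parameter table, which would match what the poster saw in the documentation. The sketch models the validation step only and says nothing about what the module does once validation passes.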

I have not tried this myself, but it occurs to me that maybe you should be using ec2_vpc_vpn to modify the VPN’s gateway, rather than using ec2_vpc_vgw to modify the gateway’s VPN.

That is, don’t think of it as attaching a VPN to a gateway, think of it as associating a gateway with a VPN.

BTW, name is a parameter for a gateway, though not for a VPN.

Regards, K.

My reasoning on that was that I don’t need to set up a whole VPN connection. It’s already set up. I just need to attach the VPC to the gateway.

But maybe you’re right. It’s hard to tell from the documentation on docs.ansible.com.

Let us know when you’ve tried it…