Append/Edit aws route table entry

Question

I have created a VPC B through Ansible playbook. Now I want to do the VPC peering between VPC B and VPC A. I can create VPC peering and activate the VPC peering connection.

But I am struggling with how to Append/Edit existing route table entry for VPC A with the new vpc_peering_id.

AWS automatically adds the routes when you peer VPCs. Check your route tables. — Karen B, Jul 14 '16 at 06:05
@KarenB I'm pretty sure that it doesn't. That would be a potentially crazy default because you might only want to route one subnet to one subnet not the entire VPC to the entire VPC so how could they possibly know what you want to do? — ydaetskcoR, Jul 14 '16 at 06:24

score 2 · Accepted Answer · answered Jul 14 '16 at 07:29

One way to update the route table through AWS CLI replace-route command.

Example: aws ec2 replace-route --route-table-id rtb-d0e3dsb7 --destination-cidr-block 10.101.0.0/16 --vpc-peering-connection-id pcx-0ffa4766

This will update vpc_peering_connection_id -pcx-0ffa4766 as gateway for CIDR 10.101.0.0/16 in existing route table -rtb-d0e3dsb7.

Now I can use this command in Ansible play, which will update vpc_peering_id in existing route table of VPC A to communicate between VPC A and VPC B.

score 2 · Answer 2 · answered Jul 14 '16 at 07:54

While you can always shell out with Ansible you're normally always better off to use a module if possible as it should bring with it idempotency and better control of flow and output.

So in this case you should be using the ec2_vpc_route_table module released in Ansible 2.

A basic example might look something like this:

- name: private route table
  ec2_vpc_route_table:
    vpc_id: "{{ vpc_a_id }}"
    region: "{{ ec2_region }}"
    tags:
      Name: private
    subnets:
      - "{{ private_subnet_a.id }}"
      - "{{ private_subnet_b.id }}"
      - "{{ private_subnet_c.id }}"
    routes:
      - dest: 0.0.0.0/0
        gateway_id: "{{ nat_instance }}"
      - dest: "{{ vpc_b_cidr }}"
        gateway_id: "{{ vpc_a_to_b_pcx_id }}"
  register: private_route_table

This will create a route table that is associated with 3 private subnets and have 2 routes: one being the VPC peering route to VPC B for the CIDR range of that VPC and the other being a default route which will go to the internet via a NAT instance/gateway.

zqcolor · Answer 3 · 2019-05-03T00:57:47.447

Thanks @PrashantB

I want to add new route instead of replace current route, so just changed to create-route, also need change region before/after for the peering connection setup

aws configure set default.region us-east-1
aws ec2 create-route --route-table-id rtb-09ddaxxxxxxxxxxxx -destination-cidr-block 10.5.5.0/24 --vpc-peering-connection-id pcx-063xxxxxxxxxx8a1a
aws configure set default.region us-east-2

Code inside Ansible playbook

- name: change region for adding peer connection route to peer route table for peer connection bi-directional
  local_action: command aws configure set default.region us-east-1

- name: add peer connection route to peer route table for peer connection bi-directional
  local_action: command aws ec2 create-route --route-table-id {{ peer_route_table_id_edge_private }} --destination-cidr-block 10.255.251.0/24 --vpc-peering-connection-id {{ peer_id }}
  ignore_errors: yes
  register: peer_route

- debug: var=peer_route

- name: change region for adding peer connection route to peer route table for peer connection bi-directional
  local_action: command aws configure set default.region us-east-2

Code inside Ansible playbook with loop results

    - name: add peer connection route to peer route table for peer connection bi-directional
      local_action: command aws ec2 create-route --route-table-id {{ item.route_table.id }} --destination-cidr-block {{ vpc_cidr_block }} --vpc-peering-connection-id {{ peer_id_edge }}
      ignore_errors: yes
      loop: "{{ private_rtbs_edge.results }}"
      register: peer_route

    - debug: var=peer_route

Append/Edit aws route table entry

3 Answers3