Merge pull request #505 from daveseff/peering_connection

VPC peering connections (#158)

Author: gregohardy

lib/puppet/provider/ec2_vpc_routetable/v2.rb

@@ -34,12 +34,21 @@ def self.prefetch(resources)
   end
 
   def self.route_to_hash(region, route)
-    gateway_name = route.state == 'active' ? gateway_name_from_id(region, route.gateway_id) : nil
-    hash = {
-      'destination_cidr_block' => route.destination_cidr_block,
-      'gateway' => gateway_name,
-    }
-    gateway_name.nil? ? nil : hash
+    if route.gateway_id
+      gateway_name = route.state == 'active' ? gateway_name_from_id(region, route.gateway_id) : nil
+      hash = {
+        'destination_cidr_block' => route.destination_cidr_block,
+        'gateway' => gateway_name,
+      }
+      gateway_name.nil? ? nil : hash
+    elsif route.vpc_peering_connection_id
+      peering_name = route.state == 'active' ? peering_name_from_id(region, route.vpc_peering_connection_id) : nil
+      hash = {
+        'destination_cidr_block' => route.destination_cidr_block,
+        'peering_connection' => peering_name,
+      }
+      peering_name.nil? ? nil : hash
+    end
   end
 
   def self.route_table_to_hash(region, table)
@@ -88,31 +97,45 @@ def create
       )
     end
     routes.each do |route|
-      internet_gateway_response = ec2.describe_internet_gateways(filters: [
-        {name: 'tag:Name', values: [route['gateway']]},
-      ])
-      found_internet_gateway = !internet_gateway_response.data.internet_gateways.empty?
+      route_config = {
+        route_table_id: id,
+        destination_cidr_block: route['destination_cidr_block'],
+      }
 
-      unless found_internet_gateway
-        vpn_gateway_response = ec2.describe_vpn_gateways(filters: [
+      if !route['gateway'].nil?
+        internet_gateway_response = ec2.describe_internet_gateways(filters: [
           {name: 'tag:Name', values: [route['gateway']]},
         ])
-        found_vpn_gateway = !vpn_gateway_response.data.vpn_gateways.empty?
-      end
+        found_internet_gateway = !internet_gateway_response.data.internet_gateways.empty?
 
-      gateway_id = if found_internet_gateway
-                     internet_gateway_response.data.internet_gateways.first.internet_gateway_id
-                   elsif found_vpn_gateway
-                     vpn_gateway_response.data.vpn_gateways.first.vpn_gateway_id
-                   else
-                     nil
-                   end
+        unless found_internet_gateway
+          vpn_gateway_response = ec2.describe_vpn_gateways(filters: [
+            {name: 'tag:Name', values: [route['gateway']]},
+          ])
+          found_vpn_gateway = !vpn_gateway_response.data.vpn_gateways.empty?
+        end
 
-      ec2.create_route(
-        route_table_id: id,
-        destination_cidr_block: route['destination_cidr_block'],
-        gateway_id: gateway_id,
-      ) if gateway_id
+        route_config[:gateway_id] = if found_internet_gateway
+            internet_gateway_response.data.internet_gateways.first.internet_gateway_id
+          elsif found_vpn_gateway
+            vpn_gateway_response.data.vpn_gateways.first.vpn_gateway_id
+          else
+            nil
+          end
+
+      elsif !route['peering_connection'].nil?
+          vpc_peering_connection_response = ec2.describe_vpc_peering_connections(filters: [
+            {name: 'tag:Name', values: [route['peering_connection']]},
+          ])
+          found_peering_connection = !vpc_peering_connection_response.data.vpc_peering_connections.empty?
+
+        route_config[:vpc_peering_connection_id] = if found_peering_connection
+            vpc_peering_connection_response.data.vpc_peering_connections.first.vpc_peering_connection_id
+          else
+            nil
+          end
+      end
+      ec2.create_route(route_config) if route_config[:gateway_id] or route_config[:vpc_peering_connection_id]
     end
     @property_hash[:ensure] = :present
   end

lib/puppet/type/ec2_vpc_routetable.rb

@@ -28,7 +28,7 @@
   newproperty(:routes, :array_matching => :all) do
     desc 'Individual routes for the routing table.'
     validate do |value|
-      ['destination_cidr_block', 'gateway'].each do |key|
+      ['destination_cidr_block', ].each do |key|
         fail "routes must include a #{key}" unless value.keys.include?(key)
       end
     end

lib/puppet_x/puppetlabs/aws.rb

@@ -653,6 +653,23 @@ def self.gateway_name_from_id(region, gateway_id)
         @gateways[gateway_id]
       end
 
+      def self.peering_name_from_id(region, peering_id)
+        ec2 = ec2_client(region)
+        @peering ||= Hash.new do |h, key|
+          if key
+            begin
+              pcx_response = ec2.describe_vpc_peering_connections(vpc_peering_connection_ids: [key])
+              extract_name_from_tag(pcx_response.data.vpc_peering_connections.first)
+            rescue ::Aws::EC2::Errors::InvalidVpcPeeringConnectionIDNotFound
+              nil
+            end
+          else
+            nil
+          end
+        end
+        @peering[peering_id]
+      end
+
       def self.normalize_hash(hash)
         # Sort and format the received hash for simpler comparison.
         #

spec/unit/type/ec2_vpc_routetable_spec.rb

@@ -49,12 +49,6 @@
     }.to raise_error(Puppet::ResourceError, /routes must include a destination_cidr_block/)
   end
 
-  it 'routes should contain a gateway' do
-    expect {
-      type_class.new(:name => 'sample', :routes => [{'destination_cidr_block' => '10.0.0.0/16' }])
-    }.to raise_error(Puppet::ResourceError, /routes must include a gateway/)
-  end
-
   [
     'name',
     'vpc',