
Vendor: Amazon Web Services
Product: EC2
Method: REST
Category: Cloud
Project Type: Workflow Project



AWS EC2 - Modular Automations

Overview

The Itential integration with AWS EC2 lets network teams use the EC2 REST API to build automations for common tasks such as provisioning and configuring AWS EC2 resources. This is a library of related automations that can be used as modular components in your own larger, end-to-end workflows.

Workflows

| Name | Overview |
| --- | --- |
| Add Ingress Rule to Security Group - AWS | A modular workflow that automates adding an ingress rule to a security group. |
| Create and Attach Internet Gateway - AWS | A modular workflow that automates creating and attaching an internet gateway to a VPC in AWS. |
| Create EC2 Instance - AWS | A modular workflow that automates creating an EC2 instance in AWS. |
| Create Route - AWS | A modular workflow that automates creating a route within a VPC in AWS. |
| Create Security Group with Ingress Rules - AWS | A modular workflow that automates creating a security group with ingress rules in AWS. |
| Create VPC - AWS | A modular workflow that automates creating a VPC in AWS. |
| Create VPC Subnet - AWS | A modular workflow that automates creating a subnet for a VPC in AWS. |
| Provision VPC with Networking - AWS | A modular workflow that automates creating and configuring a VPC with networking in AWS. |
| Delete Security Groups by VPC - AWS | A modular workflow that automates deleting VPC Security groups in AWS. |
| Delete Subnets by VPC - AWS | A modular workflow that automates deleting subnets by VPC in AWS. |
| Destroy VPC and EC2 Instance - AWS | A modular workflow that automates destroying a VPC and EC2 Instance in AWS. |
| Detach and Delete Internet Gateways by VPC - AWS | A modular workflow that automates detaching and deleting VPC internet gateways in AWS. |

For further technical details on how to install and use this Workflow Project, please click the Technical Documentation tab.


Getting Started

This section is helpful for deployments as it provides you with pertinent information on prerequisites and properties.

Helpful Background Information

Workflows often include logic that varies from business to business. As a result, we often find that our Workflow Projects are more useful as modular components that can be incorporated into a larger process. In addition, they often can add value as a learning tool on how we integrate with other systems and how we do things within the Itential Automation Platform.

While these can be utilized, you may find more value in using them as a starting point to build around.

Prerequisites

Itential Workflow Projects are built and tested on particular versions of IAP. They also often depend on external systems. This version of AWS - EC2 - REST has been tested with:

  • IAP 2023.2

External Dependencies

| Name | OS Version | API Version |
| --- | --- | --- |
| AWS | | |

Adapters

| Name | Version | Configuration Notes |
| --- | --- | --- |
| adapter-aws_ec2 | ^0.7.2 | In order to run the workflows in this Pre-Built Automation, the adapter property xmlArrayKeys must be added to the AWS EC2 adapter configuration with the value shown below. |

"xmlArrayKeys": [
  "item"
]

This ensures that, in every response object, any property named item is typed as an array, even when it holds a single element.

How to Install

To install the Workflow Project:

  • Verify that you are running a supported version of the Itential Automation Platform (IAP), as listed above in the Supported IAP Versions section, before installing the Example Project.
  • Import the Example Project in Admin Essentials.

Testing

Cypress is generally used to test all Itential Example Projects. While Cypress is an open-source tool, at Itential we have built internal libraries around Cypress that allow us to test with a deployed IAP.

When certifying our Example Projects for a release of IAP, we run these tests against that particular version of IAP and create a release branch in GitLab. If you do not see the Example Project available in your version of IAP, please contact Itential.

While Itential tests this Example Project and its capabilities, customer environments often present their own unique circumstances. We therefore recommend that you deploy this Example Project into a development/testing environment in which you can test it.

Using this Workflow Project

Workflow Projects contain one or more workflows, each with its own inputs and outputs.

Add Ingress Rule to Security Group - AWS

A modular workflow that automates adding an ingress rule to a security group.

Capabilities include:

  • Add an ingress rule to a security group in AWS

Entry Point IAP Component

The primary IAP component to run Add Ingress Rule to Security Group - AWS is listed below:

| IAP Component Name | IAP Component Type |
| --- | --- |
| Add Ingress Rule to Security Group - AWS | Workflow |

Inputs

The following table lists the inputs for Add Ingress Rule to Security Group - AWS:

| Name | Type | Required | Description | Example Value |
| --- | --- | --- | --- | --- |
| sourceCidrIp | string | yes | The IPv4 address range, in CIDR format | 19.27.253.13/32 |
| fromPort | number | yes | The start of port range for the TCP and UDP protocols, or an ICMP type number | 80 |
| toPort | number | yes | The end of port range for the TCP and UDP protocols, or an ICMP code number | 80 |
| groupId | string | yes | The ID of the security group | sg-08f249db62d26d8a6 |
| ipProtocol | string | yes | The IP protocol name (tcp, udp, icmp) or number | TCP |
| adapterId | string | yes | AWS EC2 adapter to use | EC2 |

Outputs

The following table lists the outputs for Add Ingress Rule to Security Group - AWS:

| Name | Type | Description | Example Value |
| --- | --- | --- | --- |
| updatedSecurityGroup | object | The result of Create rule request | (JSON below) |

{
  "icode": "AD.200",
  "response": {
    "AuthorizeSecurityGroupIngressResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "2cf4e379-aac3-4fbe-b75d-543127204d91",
      "return": "true",
      "securityGroupRuleSet": {
        "item": [
          {
            "groupOwnerId": "314014972859",
            "groupId": "sg-08f249db62d26d8a6",
            "securityGroupRuleId": "sgr-08f9a989136861e6c",
            "isEgress": "false",
            "ipProtocol": "tcp",
            "fromPort": "80",
            "toPort": "80",
            "cidrIpv4": "19.27.253.13/32"
          }
        ]
      }
    }
  }
}

Query Output

The following items show how to query successful results from the output of Add Ingress Rule to Security Group - AWS:

Security Group Rule ID

updatedSecurityGroup.response.AuthorizeSecurityGroupIngressResponse.securityGroupRuleSet.item[0].securityGroupRuleId

Example Inputs and Outputs

Example 1

Input:

{
  "sourceCidrIp": "19.27.253.13/32", 
  "fromPort": 80, 
  "groupId": "sg-08f249db62d26d8a6", 
  "ipProtocol": "TCP", 
  "toPort": 80, 
  "adapterId": "EC2" 
} 

Output:

{
  "updatedSecurityGroup": {
    "icode": "AD.200",
    "response": {
      "AuthorizeSecurityGroupIngressResponse": {
        "_attr": { 
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/" 
        },
        "requestId": "2cf4e379-aac3-4fbe-b75d-543127204d91",
        "return": "true",
        "securityGroupRuleSet": {
          "item": [
            {
              "groupOwnerId": "314014972859",
              "groupId": "sg-08f249db62d26d8a6",
              "securityGroupRuleId": "sgr-08f9a989136861e6c",
              "isEgress": "false",
              "ipProtocol": "tcp",
              "fromPort": "80",
              "toPort": "80",
              "cidrIpv4": "19.27.253.13/32"
            }
          ]
        }
      }
    }
  }
} 
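
A pre-flight check for the inputs listed above, run before the workflow is started. This is an added example, not code from Itential or AWS: the field names come from the Inputs table, while the function names, the warning thresholds and the sg-<hex> pattern are assumptions made for illustration.

```javascript
// Added example, not Itential or AWS code. Field names follow the Inputs table;
// the warning policy and the sg- ID pattern are assumptions for illustration.

// Parse an IPv4 CIDR string into { base, prefix }, or return null if malformed.
function parseCidr(cidr) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(String(cidr));
  if (!m) return null;
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some((o) => o > 255) || prefix > 32) return null;
  // ">>> 0" keeps the 32-bit value unsigned.
  const base = ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
  return { base, prefix };
}

// True when address bits to the right of the prefix are non-zero.
function hasHostBits({ base, prefix }) {
  const mask = prefix === 0 ? 0 : (0xffffffff << (32 - prefix)) >>> 0;
  return ((base & mask) >>> 0) !== base;
}

function checkIngressInput(input) {
  const errors = [];
  const warnings = [];
  for (const key of ['sourceCidrIp', 'fromPort', 'toPort', 'groupId', 'ipProtocol', 'adapterId']) {
    if (input[key] === undefined || input[key] === null || input[key] === '') {
      errors.push(`${key} is required`);
    }
  }
  if (errors.length) return { ok: false, errors, warnings, normalized: null };

  // The page's example sends "TCP" and the EC2 response echoes "tcp": compare lowercase.
  const proto = String(input.ipProtocol).toLowerCase();
  const named = ['tcp', 'udp', 'icmp'].includes(proto);
  if (!named && !/^-?\d+$/.test(proto)) {
    errors.push(`ipProtocol "${input.ipProtocol}" is not a name or number`);
  }
  if (proto === '-1') warnings.push('ipProtocol -1 matches every protocol');

  const cidr = parseCidr(input.sourceCidrIp);
  if (!cidr) {
    errors.push(`sourceCidrIp "${input.sourceCidrIp}" is not IPv4 CIDR (a.b.c.d/n)`);
  } else {
    if (cidr.prefix === 0) warnings.push('source /0 admits every IPv4 address');
    else if (cidr.prefix < 16) warnings.push(`source /${cidr.prefix} is a very wide range`);
    if (hasHostBits(cidr)) warnings.push('sourceCidrIp has host bits set; check the intended mask');
  }

  const from = input.fromPort;
  const to = input.toPort;
  if (!Number.isInteger(from) || !Number.isInteger(to)) {
    errors.push('fromPort and toPort must be integers');
  } else if (proto === 'tcp' || proto === 'udp') {
    if (from < 0 || to > 65535 || from > to) errors.push(`port range ${from}-${to} is invalid`);
    else if (to - from >= 1024) warnings.push(`port range ${from}-${to} spans ${to - from + 1} ports`);
  } // for icmp the two fields carry type and code, so no range check applies

  if (!/^sg-[0-9a-f]+$/.test(String(input.groupId))) {
    errors.push(`groupId "${input.groupId}" does not look like sg-<hex>`);
  }

  const normalized = errors.length ? null : { ...input, ipProtocol: proto };
  return { ok: errors.length === 0, errors, warnings, normalized };
}

// Constructed inputs: the first is the page's Example 1, the second is deliberately wide open.
const PAGE_EXAMPLE = {
  sourceCidrIp: '19.27.253.13/32', fromPort: 80, groupId: 'sg-08f249db62d26d8a6',
  ipProtocol: 'TCP', toPort: 80, adapterId: 'EC2',
};
const WIDE_OPEN = { ...PAGE_EXAMPLE, sourceCidrIp: '0.0.0.0/0', fromPort: 0, toPort: 65535 };

console.log(checkIngressInput(PAGE_EXAMPLE));
console.log(checkIngressInput(WIDE_OPEN));
```

Warnings do not block the request; they are meant to be surfaced to whoever approves the change.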

API Links

| API Name | API Documentation Link | API Link Visibility |
| --- | --- | --- |
| Authorize Security Group Ingress - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupIngress.html | Public |

Create EC2 Instance - AWS

A modular workflow that automates creating an EC2 instance in AWS.

Capabilities include:

  • Launch an EC2 instance in AWS
  • Check status of launched EC2 instance until it is ready for use in AWS
  • Create a tag for the launched EC2 instance

Entry Point IAP Component

The primary IAP component to run Create EC2 Instance - AWS is listed below:

| IAP Component Name | IAP Component Type |
| --- | --- |
| Create EC2 Instance - AWS | Workflow |

Inputs

The following table lists the inputs for Create EC2 Instance - AWS:

| Name | Type | Required | Description | Example Value |
| --- | --- | --- | --- | --- |
| imageId | string | yes | The ID of the Amazon Machine Image (AMI) | ami-041feb57c611358bd |
| instanceType | string | no | The instance type | t2.micro |
| securityGroupId | array | no | The IDs of the security groups | ["sg-0df320af9c57973a4"] |
| networkInterface | array | no | The network interfaces to associate with the instance | [{"SubnetId": "subnet-0d01076d82853eac1", "DeviceIndex": 0, "AssociatePublicIpAddress": true, "SecurityGroupId": ["sg-0f70c6ety78ee4450"]}] |
| vpcName | string | no | Name of the VPC | MY VPC |
| adapterId | string | yes | AWS EC2 adapter to use | EC2 |

Outputs

The following table lists the outputs for Create EC2 Instance - AWS:

| Name | Type | Description | Example Value |
| --- | --- | --- | --- |
| publicIp | string | Public IP of the created EC2 instance | 54.204.78.24 |
| instanceInfo | object | Created Instance Info | (JSON below) |

{
  "icode": "AD.200",
  "response": {
    "DescribeInstancesResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "59729eb9-c110-4b1c-bd2e-1a08dae45664",
      "reservationSet": {
        "item": [
          {
            "reservationId": "r-00bf9973a17756cb9",
            "ownerId": "314014972859",
            "groupSet": "",
            "instancesSet": {
              "item": [
                {
                  "instanceId": "i-028ff00bc5698aad0",
                  "imageId": "ami-041feb57c611358bd",
                  "instanceState": {
                    "code": "16",
                    "name": "running"
                  },
                  "privateDnsName": "ip-172-31-18-198.ec2.internal",
                  "dnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                  "reason": "",
                  "amiLaunchIndex": "0",
                  "productCodes": "",
                  "instanceType": "t2.micro",
                  "launchTime": "2023-10-23T00:43:27.000Z",
                  "placement": {
                    "availabilityZone": "us-east-1d",
                    "groupName": "",
                    "tenancy": "default"
                  },
                  "monitoring": {
                    "state": "disabled"
                  },
                  "subnetId": "subnet-0fd6d26fc17380403",
                  "vpcId": "vpc-0324c35cf9d083a40",
                  "privateIpAddress": "172.31.18.198",
                  "ipAddress": "18.215.164.122",
                  "sourceDestCheck": "true",
                  "groupSet": {
                    "item": [
                      {
                        "groupId": "sg-0df320af9c57973a4",
                        "groupName": "default"
                      }
                    ]
                  },
                  "architecture": "x86_64",
                  "rootDeviceType": "ebs",
                  "rootDeviceName": "/dev/xvda",
                  "blockDeviceMapping": {
                    "item": [
                      {
                        "deviceName": "/dev/xvda",
                        "ebs": {
                          "volumeId": "vol-06f72a3639723aa36",
                          "status": "attached",
                          "attachTime": "2023-10-23T00:43:27.000Z",
                          "deleteOnTermination": "true"
                        }
                      }
                    ]
                  },
                  "virtualizationType": "hvm",
                  "clientToken": "",
                  "tagSet": {
                    "item": [
                      {
                        "key": "Name",
                        "value": "Apache Web Server for "
                      }
                    ]
                  },
                  "hypervisor": "xen",
                  "networkInterfaceSet": {
                    "item": [
                      {
                        "networkInterfaceId": "eni-08728a92558ff3548",
                        "subnetId": "subnet-0fd6d26fc17380403",
                        "vpcId": "vpc-0324c35cf9d083a40",
                        "description": "",
                        "ownerId": "314014972859",
                        "status": "in-use",
                        "macAddress": "0a:bd:5f:41:37:ff",
                        "privateIpAddress": "172.31.18.198",
                        "privateDnsName": "ip-172-31-18-198.ec2.internal",
                        "sourceDestCheck": "true",
                        "groupSet": {
                          "item": [
                            {
                              "groupId": "sg-0df320af9c57973a4",
                              "groupName": "default"
                            }
                          ]
                        },
                        "attachment": {
                          "attachmentId": "eni-attach-007008b2faaf46562",
                          "deviceIndex": "0",
                          "status": "attached",
                          "attachTime": "2023-10-23T00:43:27.000Z",
                          "deleteOnTermination": "true",
                          "networkCardIndex": "0"
                        },
                        "association": {
                          "publicIp": "54.204.78.24",
                          "publicDnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                          "ipOwnerId": "amazon"
                        },
                        "privateIpAddressesSet": {
                          "item": [
                            {
                              "privateIpAddress": "172.31.18.198",
                              "privateDnsName": "ip-172-31-18-198.ec2.internal",
                              "primary": "true",
                              "association": {
                                "publicIp": "18.215.164.122",
                                "publicDnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                                "ipOwnerId": "amazon"
                              }
                            }
                          ]
                        },
                        "ipv6AddressesSet": "",
                        "interfaceType": "interface"
                      }
                    ]
                  },
                  "ebsOptimized": "false",
                  "enaSupport": "true",
                  "cpuOptions": {
                    "coreCount": "1",
                    "threadsPerCore": "1"
                  },
                  "capacityReservationSpecification": {
                    "capacityReservationPreference": "open"
                  },
                  "hibernationOptions": {
                    "configured": "false"
                  },
                  "enclaveOptions": {
                    "enabled": "false"
                  },
                  "metadataOptions": {
                    "state": "applied",
                    "httpTokens": "required",
                    "httpPutResponseHopLimit": "2",
                    "httpEndpoint": "enabled",
                    "httpProtocolIpv4": "enabled",
                    "httpProtocolIpv6": "disabled",
                    "instanceMetadataTags": "disabled"
                  },
                  "maintenanceOptions": {
                    "autoRecovery": "default"
                  },
                  "bootMode": "uefi-preferred",
                  "currentInstanceBootMode": "legacy-bios",
                  "platformDetails": "Linux/UNIX",
                  "usageOperation": "RunInstances",
                  "usageOperationUpdateTime": "2023-10-23T00:43:26.000Z",
                  "privateDnsNameOptions": {
                    "hostnameType": "ip-name",
                    "enableResourceNameDnsARecord": "false",
                    "enableResourceNameDnsAAAARecord": "false"
                  }
                }
              ]
            }
          }
        ]
      }
    }
  }
}

Query Output

The following items show how to query successful results from the output of Create EC2 Instance - AWS:

Public IP of the Created EC2 Instance

publicIp

Created EC2 Instance ID

instanceInfo.response.DescribeInstancesResponse.reservationSet.item[0].instancesSet.item[0].instanceId

Created EC2 Instance State

instanceInfo.response.DescribeInstancesResponse.reservationSet.item[0].instancesSet.item[0].instanceState.name

Example Inputs and Outputs

Example 1

Input:

{
  "imageId": "ami-041feb57c611358bd", 
  "instanceType": "t2.micro", 
  "securityGroupId": [
    "sg-0df320af9c57973a4"
  ], 
  "networkInterface": [],
  "adapterId": "EC2", 
  "vpcName": "" 
} 

Output:

{
  "instanceInfo": {
    "icode": "AD.200",
    "response": {
      "DescribeInstancesResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "59729eb9-c110-4b1c-bd2e-1a08dae45664",
        "reservationSet": {
          "item": [
            {
              "reservationId": "r-00bf9973a17756cb9",
              "ownerId": "314014972859",
              "groupSet": "",
              "instancesSet": {
                "item": [
                  {
                    "instanceId": "i-028ff00bc5698aad0",
                    "imageId": "ami-041feb57c611358bd",
                    "instanceState": {
                      "code": "16",
                      "name": "running"
                    },
                    "privateDnsName": "ip-172-31-18-198.ec2.internal",
                    "dnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                    "reason": "",
                    "amiLaunchIndex": "0",
                    "productCodes": "",
                    "instanceType": "t2.micro",
                    "launchTime": "2023-10-23T00:43:27.000Z",
                    "placement": {
                      "availabilityZone": "us-east-1d",
                      "groupName": "",
                      "tenancy": "default"
                    },
                    "monitoring": {
                      "state": "disabled"
                    },
                    "subnetId": "subnet-0fd6d26fc17380403",
                    "vpcId": "vpc-0324c35cf9d083a40",
                    "privateIpAddress": "172.31.18.198",
                    "ipAddress": "18.215.164.122",
                    "sourceDestCheck": "true",
                    "groupSet": {
                      "item": [
                        {
                          "groupId": "sg-0df320af9c57973a4",
                          "groupName": "default"
                        }
                      ]
                    },
                    "architecture": "x86_64",
                    "rootDeviceType": "ebs",
                    "rootDeviceName": "/dev/xvda",
                    "blockDeviceMapping": {
                      "item": [
                        {
                          "deviceName": "/dev/xvda",
                          "ebs": {
                            "volumeId": "vol-06f72a3639723aa36",
                            "status": "attached",
                            "attachTime": "2023-10-23T00:43:27.000Z",
                            "deleteOnTermination": "true"
                          }
                        }
                      ]
                    },
                    "virtualizationType": "hvm",
                    "clientToken": "",
                    "tagSet": {
                      "item": [
                        {
                          "key": "Name",
                          "value": "Apache Web Server for "
                        }
                      ]
                    },
                    "hypervisor": "xen",
                    "networkInterfaceSet": {
                      "item": [
                        {
                          "networkInterfaceId": "eni-08728a92558ff3548",
                          "subnetId": "subnet-0fd6d26fc17380403",
                          "vpcId": "vpc-0324c35cf9d083a40",
                          "description": "",
                          "ownerId": "314014972859",
                          "status": "in-use",
                          "macAddress": "0a:bd:5f:41:37:ff",
                          "privateIpAddress": "172.31.18.198",
                          "privateDnsName": "ip-172-31-18-198.ec2.internal",
                          "sourceDestCheck": "true",
                          "groupSet": {
                            "item": [
                              {
                                "groupId": "sg-0df320af9c57973a4",
                                "groupName": "default"
                              }
                            ]
                          },
                          "attachment": {
                            "attachmentId": "eni-attach-007008b2faaf46562",
                            "deviceIndex": "0",
                            "status": "attached",
                            "attachTime": "2023-10-23T00:43:27.000Z",
                            "deleteOnTermination": "true",
                            "networkCardIndex": "0"
                          },
                          "association": {
                            "publicIp": "54.204.78.24",
                            "publicDnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                            "ipOwnerId": "amazon"
                          },
                          "privateIpAddressesSet": {
                            "item": [
                              {
                                "privateIpAddress": "172.31.18.198",
                                "privateDnsName": "ip-172-31-18-198.ec2.internal",
                                "primary": "true",
                                "association": {
                                  "publicIp": "18.215.164.122",
                                  "publicDnsName": "ec2-18-215-164-122.compute-1.amazonaws.com",
                                  "ipOwnerId": "amazon"
                                }
                              }
                            ]
                          },
                          "ipv6AddressesSet": "",
                          "interfaceType": "interface"
                        }
                      ]
                    },
                    "ebsOptimized": "false",
                    "enaSupport": "true",
                    "cpuOptions": {
                      "coreCount": "1",
                      "threadsPerCore": "1"
                    },
                    "capacityReservationSpecification": {
                      "capacityReservationPreference": "open"
                    },
                    "hibernationOptions": {
                      "configured": "false"
                    },
                    "enclaveOptions": {
                      "enabled": "false"
                    },
                    "metadataOptions": {
                      "state": "applied",
                      "httpTokens": "required",
                      "httpPutResponseHopLimit": "2",
                      "httpEndpoint": "enabled",
                      "httpProtocolIpv4": "enabled",
                      "httpProtocolIpv6": "disabled",
                      "instanceMetadataTags": "disabled"
                    },
                    "maintenanceOptions": {
                      "autoRecovery": "default"
                    },
                    "bootMode": "uefi-preferred",
                    "currentInstanceBootMode": "legacy-bios",
                    "platformDetails": "Linux/UNIX",
                    "usageOperation": "RunInstances",
                    "usageOperationUpdateTime": "2023-10-23T00:43:26.000Z",
                    "privateDnsNameOptions": {
                      "hostnameType": "ip-name",
                      "enableResourceNameDnsARecord": "false",
                      "enableResourceNameDnsAAAARecord": "false"
                    }
                  }
                ]
              }
            }
          ]
        }
      }
    }
  },
  "publicIp": "54.204.78.24"
} 
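
A post-provisioning audit of the instanceInfo output, which also tolerates the response shape the adapter produces when xmlArrayKeys is not configured. This is an added example, not code from Itential or AWS: the property paths follow the output above, while the function names and the choice of checks are assumptions made for illustration.

```javascript
// Added example, not Itential or AWS code. Paths follow the instanceInfo output above;
// the choice of checks is an assumption for illustration.

// Return the members of an EC2 "...Set" node as an array. With xmlArrayKeys set to
// ["item"] the adapter always yields an array; without it a single member arrives as
// a bare object, and an empty set arrives as "" (see "groupSet": "" in the output).
function items(setNode) {
  if (!setNode || typeof setNode !== 'object' || setNode.item == null) return [];
  return Array.isArray(setNode.item) ? setNode.item : [setNode.item];
}

// Collect every public IPv4 address the response attaches to an instance.
function publicIps(inst) {
  const found = new Set();
  if (inst.ipAddress) found.add(inst.ipAddress);
  for (const eni of items(inst.networkInterfaceSet)) {
    if (eni.association && eni.association.publicIp) found.add(eni.association.publicIp);
    for (const addr of items(eni.privateIpAddressesSet)) {
      if (addr.association && addr.association.publicIp) found.add(addr.association.publicIp);
    }
  }
  return [...found].sort();
}

function auditInstanceInfo(instanceInfo) {
  const resp = instanceInfo && instanceInfo.response
    && instanceInfo.response.DescribeInstancesResponse;
  if (!resp) {
    return [{ instanceId: null, check: 'response', detail: 'DescribeInstancesResponse missing' }];
  }
  const findings = [];
  for (const reservation of items(resp.reservationSet)) {
    for (const inst of items(reservation.instancesSet)) {
      const add = (check, detail) => findings.push({ instanceId: inst.instanceId, check, detail });

      // Values are strings ("required", "enabled") because they originate from XML.
      const md = inst.metadataOptions || {};
      if (md.httpEndpoint !== 'disabled' && md.httpTokens !== 'required') {
        add('imds', `httpTokens is "${md.httpTokens || 'absent'}": session tokens (IMDSv2) are not enforced`);
      }

      const ips = publicIps(inst);
      if (ips.length) add('public-ip', `publicly addressable at ${ips.join(', ')}`);

      const defaults = items(inst.groupSet).filter((g) => g.groupName === 'default');
      if (defaults.length) {
        add('default-sg', `uses default security group ${defaults.map((g) => g.groupId).join(', ')}`);
      }
    }
  }
  return findings;
}

// Constructed sample: the page's Example 1 output, trimmed to the fields audited here.
const SAMPLE = {
  icode: 'AD.200',
  response: { DescribeInstancesResponse: { reservationSet: { item: [{
    reservationId: 'r-00bf9973a17756cb9',
    groupSet: '',
    instancesSet: { item: [{
      instanceId: 'i-028ff00bc5698aad0',
      ipAddress: '18.215.164.122',
      groupSet: { item: [{ groupId: 'sg-0df320af9c57973a4', groupName: 'default' }] },
      networkInterfaceSet: { item: [{
        networkInterfaceId: 'eni-08728a92558ff3548',
        association: { publicIp: '54.204.78.24' },
        privateIpAddressesSet: { item: [{ association: { publicIp: '18.215.164.122' } }] },
      }] },
      metadataOptions: { httpTokens: 'required', httpEndpoint: 'enabled' },
    }] },
  }] } } },
};

console.log(auditInstanceInfo(SAMPLE));
```

The fixed query paths in the Query Output section, such as reservationSet.item[0], resolve only when item is an array, which is what the xmlArrayKeys adapter setting guarantees.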

API Links

| API Name | API Documentation Link | API Link Visibility |
| --- | --- | --- |
| Run Instances - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html | Public |
| Describe Instance Status - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstanceStatus.html | Public |
| Create Tags - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html | Public |

Create Route - AWS

A modular workflow that automates creating a route within a VPC in AWS.

Capabilities include:

  • Create a route in a route table associated with a VPC in AWS
  • If no route table ID is provided, the default route table is used
  • If more than one route table is found associated with the VPC and no route table ID is provided, a manual task confirms using the first route table to create the route

Entry Point IAP Component

The primary IAP component to run Create Route - AWS is listed below:

| IAP Component Name | IAP Component Type |
| --- | --- |
| Create Route - AWS | Workflow |

Inputs

The following table lists the inputs for Create Route - AWS:

| Name | Type | Required | Description | Example Value |
| --- | --- | --- | --- | --- |
| routeTableId | string | no | ID of the route table in which to create route | rtb-06d646d475a5b5d48 |
| destinationCidrBlock | string | yes | The IPv4 CIDR address block used for the destination match | 0.0.0.0/0 |
| gatewayId | string | yes | The ID of an internet gateway or virtual private gateway attached to your VPC (also referred to as the target in the route table) | igw-0fae02dad528986b6 |
| vpcId | string | yes | ID of the VPC | vpc-0324c35cf9d083a40 |
| adapterId | string | yes | AWS EC2 adapter to use | EC2 |

Outputs

The following table lists the outputs for Create Route - AWS:

| Name | Type | Description | Example Value |
| --- | --- | --- | --- |
| routeTableId | string | ID of the route table | rtb-06d646d475a5b5d48 |
| createdRoute | object | Result of the create route request | (JSON below) |

{
  "icode": "AD.200",
  "response": {
    "CreateRouteResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "4e157878-b2fb-4f95-8312-8c3cbbec8b18",
      "return": "true"
    }
  }
}

Query Output

The following items show how to query successful results from the output of Create Route - AWS:

Route Table ID

routeTableId

Create Route Result

createdRoute.response.CreateRouteResponse.return

Example Inputs and Outputs

Example 1

Input:

{
  "routeTableId": "",
  "destinationCidrBlock": "0.0.0.0/0",
  "gatewayId": "igw-0fae02dad528986b6", 
  "adapterId": "EC2", 
  "vpcId": "vpc-0324c35cf9d083a40" 
} 

Output:

{
  "routeTableId": "rtb-06d646d475a5b5d48",
  "createdRoute": {
    "icode": "AD.200",
    "response": { 
      "CreateRouteResponse": { 
        "_attr": { 
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/" 
        }, 
        "requestId": "4e157878-b2fb-4f95-8312-8c3cbbec8b18", 
        "return": "true" 
      } 
    }
  }  
} 

API Links

| API Name | API Documentation Link | API Link Visibility |
| --- | --- | --- |
| Create Route - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRoute.html | Public |
| Configure Route Tables - AWS EC2 | https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html | Public |
| Describe Route Tables - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html | Public |

Create Security Group with Ingress Rules - AWS

A modular workflow that automates creating a security group with ingress rules in AWS.

Capabilities include:

  • Create a security group in AWS EC2
  • Add ingress rule to created security group

Entry Point IAP Component

The primary IAP component to run Create Security Group with Ingress Rules - AWS is listed below:

| IAP Component Name | IAP Component Type |
| --- | --- |
| Create Security Group with Ingress Rules - AWS | Workflow |

Inputs

The following table lists the inputs for Create Security Group with Ingress Rules - AWS:

| Name | Type | Required | Description | Example Value |
| --- | --- | --- | --- | --- |
| securityGroupDescription | string | yes | A description for the security group | Web Servers |
| securityGroupName | string | yes | The name of the security group | WebServerSG |
| vpcId | string | yes | ID of the VPC | vpc-0324c35cf9d083a40 |
| ruleList | array | yes | List of Ingress rules | [{"protocol": "TCP", "port": 80, "sourceIp": "199.27.253.134", "sourceSubnetCidrMask": 32}, {"protocol": "TCP", "port": 80, "sourceIp": "19.27.253.134", "sourceSubnetCidrMask": 32}] |
| adapterId | string | yes | AWS EC2 adapter to use | EC2 |

Outputs

The following table lists the outputs for Create Security Group with Ingress Rules - AWS:

| Name | Type | Description | Example Value |
| --- | --- | --- | --- |
| securityGroupId | string | ID of the created Security group | sg-0bd40e2d7195add77 |

Query Output

The following items show how to query successful results from the output of Create Security Group with Ingress Rules - AWS:

Security Group ID

securityGroupId

Example Inputs and Outputs

Example 1

Input:

{
  "securityGroupDescription": "TestING",
  "securityGroupName": "FOR TESTING",
  "vpcId": "vpc-004c7963c31a8d156",
  "adapterId": "EC2",
  "ruleList": [
    { 
      "protocol": "TCP", 
      "port": 80, 
      "sourceIp": "199.27.253.134", 
      "sourceSubnetCidrMask": 32 
    },
    { 
      "protocol": "TCP", 
      "port": 80, 
      "sourceIp": "19.27.253.134", 
      "sourceSubnetCidrMask": 32 
    }
  ]
} 

Output:

{
  "securityGroupId": "sg-0bd40e2d7195add77"
} 

API Links

| API Name | API Documentation Link | API Link Visibility |
| --- | --- | --- |
| Create Security Group - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html | Public |
| Authorize Security Group Ingress - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupIngress.html | Public |

Create VPC - AWS

A modular workflow that automates creating a VPC in AWS.

Capabilities include:

  • The workflow is used to create a VPC in AWS

Entry Point IAP Component

The primary IAP component to run Create VPC - AWS is listed below:

| IAP Component Name | IAP Component Type |
| --- | --- |
| Create VPC - AWS | Workflow |

Inputs

The following table lists the inputs for Create VPC - AWS:

| Name | Type | Required | Description | Example Value |
| --- | --- | --- | --- | --- |
| cidrBlock | string | yes | The IPv4 network range for the VPC, in CIDR notation | 10.0.0.0/24 |
| vpcName | string | yes | Name of the VPC | TEST VPC |
| adapterId | string | yes | AWS EC2 adapter to use | EC2 |

Outputs

The following table lists the outputs for Create VPC - AWS:

| Name | Type | Description | Example Value |
| --- | --- | --- | --- |
| createdVpc | object | The Create VPC request result | (JSON below) |

{
  "icode": "AD.200",
  "response": {
    "CreateVpcResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "da850668-b4d9-4c57-846a-7b64e487eef9",
      "vpc": {
        "vpcId": "vpc-057e1defa8211ba74",
        "ownerId": "314014972859",
        "state": "pending",
        "cidrBlock": "10.0.0.0/24",
        "cidrBlockAssociationSet": {
          "item": [
            {
              "cidrBlock": "10.0.0.0/24",
              "associationId": "vpc-cidr-assoc-0f0f4d51506a452cd",
              "cidrBlockState": {
                "state": "associated"
              }
            }
          ]
        },
        "ipv6CidrBlockAssociationSet": "",
        "dhcpOptionsId": "dopt-045a5c88c0d702d2b",
        "instanceTenancy": "default",
        "isDefault": "false"
      }
    }
  }
}

Query Output

The following items show how to query successful results from the output of Create VPC - AWS:

Created VPC ID

createdVpc.response.CreateVpcResponse.vpc.vpcId

Created VPC State

createdVpc.response.CreateVpcResponse.vpc.state

Example Inputs and Outputs

Example 1

Input:

{
  "cidrBlock": "10.0.0.0/24",
  "adapterId": "EC2",
  "vpcName": "TEST VPC"
} 

Output:

{
  "createdVpc": {
    "icode": "AD.200",
    "response": {
      "CreateVpcResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "da850668-b4d9-4c57-846a-7b64e487eef9",
        "vpc": {
          "vpcId": "vpc-057e1defa8211ba74",
          "ownerId": "314014972859",
          "state": "pending",
          "cidrBlock": "10.0.0.0/24",
          "cidrBlockAssociationSet": {
            "item": [
              {
                "cidrBlock": "10.0.0.0/24",
                "associationId": "vpc-cidr-assoc-0f0f4d51506a452cd",
                "cidrBlockState": {
                  "state": "associated"
                }
              }
            ]
          },
          "ipv6CidrBlockAssociationSet": "",
          "dhcpOptionsId": "dopt-045a5c88c0d702d2b",
          "instanceTenancy": "default",
          "isDefault": "false"
        }
      }
    }
  }
} 

API Links

API Name | API Documentation Link | API Link Visibility
Create VPC - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html | Public
Create Tags - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html | Public

Create VPC Subnet - AWS

A modular workflow that automates creating a subnet for a VPC in AWS.

Capabilities include:

  • The workflow is used to create a subnet for a VPC in AWS

Entry Point IAP Component

The primary IAP component to run Create VPC Subnet - AWS is listed below:

IAP Component Name | IAP Component Type
Create VPC Subnet - AWS | Workflow

Inputs

The following table lists the inputs for Create VPC Subnet - AWS:

Name | Type | Required | Description | Example Value
cidrBlock | string | yes | The IPv4 network range for the VPC, in CIDR notation | 10.0.0.0/24
vpcId | string | yes | The ID of the VPC | vpc-0ece2ed1b3725e018
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Create VPC Subnet - AWS:

Name | Type | Description | Example Value
subnetId | string | ID of the created subnet | subnet-04545f4e6b8bc63ea

Query Output

The following items show how to query successful results from the output of Create VPC Subnet - AWS:

Created VPC Subnet ID

subnetId

Example Inputs and Outputs

Example 1

Input:

{
  "cidrBlock": "100.68.0.1/18", 
  "vpcId": "vpc-0ece2ed1b3725e018", 
  "adapterId": "EC2" 
} 

Output:

{
  "subnetId": "subnet-04545f4e6b8bc63ea" 
} 

API Links

API Name | API Documentation Link | API Link Visibility
Create Subnet - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnet.html | Public

Create and Attach Internet Gateway - AWS

A modular workflow that automates creating and attaching an internet gateway to a VPC in AWS.

Capabilities include:

  • The workflow is used to create an internet gateway and attach it to a VPC in AWS

Entry Point IAP Component

The primary IAP component to run Create and Attach Internet Gateway - AWS is listed below:

IAP Component Name | IAP Component Type
Create and Attach Internet Gateway - AWS | Workflow

Inputs

The following table lists the inputs for Create and Attach Internet Gateway - AWS:

Name | Type | Required | Description | Example Value
vpcId | string | yes | The ID of the VPC | vpc-0c78b30c98d04b8ce
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Create and Attach Internet Gateway - AWS:

Name | Type | Description | Example Value
internetGatewayId | string | The ID of the created Internet gateway | igw-01462c9d3d191a0b3

Query Output

The following items show how to query successful results from the output of Create and Attach Internet Gateway - AWS:

Created Internet Gateway ID

internetGatewayId

Example Inputs and Outputs

Example 1

Input:

{
  "adapterId": "EC2", 
  "vpcId": "vpc-0c78b30c98d04b8ce" 
} 

Output:

{
  "internetGatewayId": "igw-01462c9d3d191a0b3" 
} 

API Links

API Name | API Documentation Link | API Link Visibility
Create Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInternetGateway.html | Public
Attach Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachInternetGateway.html | Public

Delete Security Groups by VPC - AWS

A modular workflow that automates deleting VPC Security groups in AWS.

Capabilities include:

  • The workflow is used to delete VPC Security groups in AWS

Entry Point IAP Component

The primary IAP component to run Delete Security Groups by VPC - AWS is listed below:

IAP Component Name | IAP Component Type
Delete Security Groups by VPC - AWS | Workflow

Inputs

The following table lists the inputs for Delete Security Groups by VPC - AWS:

Name | Type | Required | Description | Example Value
vpcId | string | yes | The ID of the VPC | vpc-0b678b7a21e66ded8
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Delete Security Groups by VPC - AWS:

Name | Type | Description | Example Value
deletedSecurityGroup | array | Delete Security group request result | see the JSON below
[
  {
    "icode": "AD.200",
    "response": {
      "DeleteSecurityGroupResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "2cdea5d3-b27b-4a39-ab90-26bf31051769",
        "return": "true"
      }
    }
  }
]

Query Output

The following items show how to query successful results from the output of Delete Security Groups by VPC - AWS:

Delete Security Group Request Result

deletedSecurityGroup

Example Inputs and Outputs

Example 1

Input:

{
  "vpcId": "vpc-0b678b7a21e66ded8",
  "adapterId": "EC2" 
} 

Output:

{
  "deletedSecurityGroup": [
    {
      "icode": "AD.200",
      "response": { 
        "DeleteSecurityGroupResponse": { 
          "_attr": { 
            "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/" 
          }, 
          "requestId": "2cdea5d3-b27b-4a39-ab90-26bf31051769", 
          "return": "true" 
        } 
      }
    }
  ]
} 

API Links

API Name | API Documentation Link | API Link Visibility
Delete Security Group - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSecurityGroup.html | Public
Describe Security Groups - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html | Public

Delete Subnets by VPC - AWS

A modular workflow that automates deleting subnets by VPC in AWS.

Capabilities include:

  • The workflow is used to delete VPC Subnets from AWS

Entry Point IAP Component

The primary IAP component to run Delete Subnets by VPC - AWS is listed below:

IAP Component Name | IAP Component Type
Delete Subnets by VPC - AWS | Workflow

Inputs

The following table lists the inputs for Delete Subnets by VPC - AWS:

Name | Type | Required | Description | Example Value
vpcId | string | yes | The ID of the VPC | vpc-0b678b7a21e66ded8
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Delete Subnets by VPC - AWS:

Name | Type | Description | Example Value
deletedSubnet | array | Delete Subnet request result | see the JSON below
[
  {
    "icode": "AD.200",
    "response": {
      "DeleteSubnetResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "31ea90a8-8dbb-4cde-912a-df8d1f1021ec",
        "return": "true"
      }
    }
  }
]

Query Output

The following items show how to query successful results from the output of Delete Subnets by VPC - AWS:

Delete Subnet Request Result

deletedSubnet

Example Inputs and Outputs

Example 1

Input:

{
  "vpcId": "vpc-0b678b7a21e66ded8",
  "adapterId": "EC2" 
} 

Output:

{
  "deletedSubnet": [
    {
      "icode": "AD.200",
      "response": { 
        "DeleteSubnetResponse": { 
          "_attr": { 
            "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/" 
          }, 
          "requestId": "31ea90a8-8dbb-4cde-912a-df8d1f1021ec", 
          "return": "true" 
        } 
      }
    }
  ]
} 

API Links

API Name | API Documentation Link | API Link Visibility
Delete Subnet - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnet.html | Public
Describe Subnets - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html | Public
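
The two delete workflows above return arrays of adapter results in which "return" is the string "true", not a boolean, so a plain truthiness test also passes for "false". The following check is an added example, not part of the Itential project: it lists every array element that did not confirm the delete. The helper names, and treating "AD.200" as the only success icode, are assumptions based on the sample outputs.

```javascript
// Added example, not Itential code. Field names follow the sample outputs
// above; helper names are hypothetical.

// EC2 replies are converted from XML, so booleans arrive as the strings
// "true" / "false". Both are truthy in JavaScript, so compare explicitly.
function isTrue(value) {
  return value === true || value === 'true';
}

// One finding per array element that does not confirm the delete.
// Assumption: "AD.200" is the success icode, as in every sample on this page.
function failedDeletes(results, responseKey) {
  if (!Array.isArray(results)) {
    return [{ index: -1, reason: 'output is not an array' }];
  }
  const failures = [];
  results.forEach((entry, index) => {
    const icode = entry ? entry.icode : undefined;
    const body = entry && entry.response ? entry.response[responseKey] : undefined;
    if (icode !== 'AD.200') {
      failures.push({ index, reason: `icode ${icode}` });
    } else if (!body) {
      failures.push({ index, reason: `no ${responseKey} in response` });
    } else if (!isTrue(body.return)) {
      failures.push({ index, requestId: body.requestId, reason: `return=${body.return}` });
    }
  });
  return failures;
}

// Constructed sample: the first entry is the page's example, the other two
// are made-up failures (their icode and request ID are placeholders).
const sampleDeletedSubnet = [
  { icode: 'AD.200', response: { DeleteSubnetResponse: { requestId: '31ea90a8-8dbb-4cde-912a-df8d1f1021ec', return: 'true' } } },
  { icode: 'AD.200', response: { DeleteSubnetResponse: { requestId: 'constructed-request-id', return: 'false' } } },
  { icode: 'AD.500', response: {} },
];
```

The same function works on the deletedSecurityGroup output when called with 'DeleteSecurityGroupResponse' as the response key.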

Destroy VPC and EC2 Instance - AWS

A modular workflow that automates destroying a VPC and EC2 Instance in AWS.

Capabilities include:

  • The workflow is used to destroy a VPC and EC2 Instance in AWS

Entry Point IAP Component

The primary IAP component to run Destroy VPC and EC2 Instance - AWS is listed below:

IAP Component Name | IAP Component Type
Destroy VPC and EC2 Instance - AWS | Workflow

Inputs

The following table lists the inputs for Destroy VPC and EC2 Instance - AWS:

Name | Type | Required | Description | Example Value
vpcId | string | yes | The ID of the VPC | vpc-0ece2ed1b3725e018
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Destroy VPC and EC2 Instance - AWS:

Name | Type | Description | Example Value
deletedVPC | object | Delete VPC request result | see the JSON below
{
  "icode": "AD.200",
  "response": {
    "DeleteVpcResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "81a08c9a-f42d-49ea-9359-9213d2a11250",
      "return": "true"
    }
  }
}

Query Output

The following items show how to query successful results from the output of Destroy VPC and EC2 Instance - AWS:

Delete VPC Result

deletedVPC.response.DeleteVpcResponse.return

Example Inputs and Outputs

Example 1

Input:

{
  "vpcId": "vpc-0ece2ed1b3725e018", 
  "adapterId": "EC2" 
} 

Output:

{
  "deletedVPC": {
    "icode": "AD.200",
    "response": {
      "DeleteVpcResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "81a08c9a-f42d-49ea-9359-9213d2a11250",
        "return": "true"
      }
    }
  }
} 

API Links

API Name | API Documentation Link | API Link Visibility
Describe VPCs - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html | Public
Describe Instances - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html | Public
Describe Internet Gateways - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html | Public
Detach Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachInternetGateway.html | Public
Delete Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInternetGateway.html | Public
Delete Security Group - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSecurityGroup.html | Public
Delete Subnet - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteSubnet.html | Public
Delete VPC - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVpc.html | Public
Terminate Instances - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TerminateInstances.html | Public

Detach and Delete Internet Gateways by VPC - AWS

A modular workflow that automates detaching and deleting VPC internet gateways in AWS.

Capabilities include:

  • The workflow is used to detach and delete VPC Internet gateways in AWS

Entry Point IAP Component

The primary IAP component to run Detach and Delete Internet Gateways by VPC - AWS is listed below:

IAP Component Name | IAP Component Type
Detach and Delete Internet Gateways by VPC - AWS | Workflow

Inputs

The following table lists the inputs for Detach and Delete Internet Gateways by VPC - AWS:

Name | Type | Required | Description | Example Value
vpcId | string | yes | The ID of the VPC | vpc-0ba78c5ca9aaecd64
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Detach and Delete Internet Gateways by VPC - AWS:

Name | Type | Description | Example Value
deletedInternetGateway | object | Delete Internet Gateway request result | see the JSON below
{
  "icode": "AD.200",
  "response": {
    "DeleteInternetGatewayResponse": {
      "_attr": {
        "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
      },
      "requestId": "f743ec7e-1039-4261-8f74-4f8ba72a6c35",
      "return": "true"
    }
  }
}

Query Output

The following items show how to query successful results from the output of Detach and Delete Internet Gateways by VPC - AWS:

Delete Internet Gateway Result

deletedInternetGateway.response.DeleteInternetGatewayResponse.return

Example Inputs and Outputs

Example 1

Input:

{
  "adapterId": "EC2", 
  "vpcId": "vpc-0ba78c5ca9aaecd64" 
} 

Output:

{
  "deletedInternetGateway": {
    "icode": "AD.200",
    "response": {
      "DeleteInternetGatewayResponse": {
        "_attr": {
          "xmlns": "http://ec2.amazonaws.com/doc/2016-11-15/"
        },
        "requestId": "f743ec7e-1039-4261-8f74-4f8ba72a6c35",
        "return": "true"
      }
    }
  }
} 

API Links

API Name | API Documentation Link | API Link Visibility
Describe Internet Gateways - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html | Public
Detach Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachInternetGateway.html | Public
Delete Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteInternetGateway.html | Public

Provision VPC with Networking - AWS

A modular workflow that automates creating and configuring a VPC with networking in AWS.

Capabilities include:

  • The workflow is used to create and configure a VPC in AWS

Entry Point IAP Component

The primary IAP component to run Provision VPC with Networking - AWS is listed below:

IAP Component Name | IAP Component Type
Provision VPC with Networking - AWS | Workflow

Inputs

The following table lists the inputs for Provision VPC with Networking - AWS:

Name | Type | Required | Description | Example Value
vpcSubnet | string | yes | The IPv4 network range for the VPC, in CIDR notation | 10.20.30.1/28
vpcName | string | yes | Name of your VPC | Test VPC1234
securityGroupName | string | yes | Name of the Security group | TESTING 1
securityGroupDesc | string | yes | Description of the Security group | Security Group for TESTING
ingressRules | array | yes | List of rules | [{"sourceSubnetCidrMask": 32, "sourceIp": "199.27.253.134", "protocol": "TCP", "port": 80}]
adapterId | string | yes | AWS EC2 adapter to use | EC2

Outputs

The following table lists the outputs for Provision VPC with Networking - AWS:

Name | Type | Description | Example Value
vpcId | string | ID of the created VPC | vpc-0b678b7a21e66ded8
subnetId | string | ID of the created subnet | subnet-097a82181b977273f
internetGatewayId | string | ID of the created Internet gateway | igw-070593dabfda1adf0
securityGroupId | string | ID of the created Security group | sg-0cdc4162d4cd16dfe

Query Output

The following items show how to query successful results from the output of Provision VPC with Networking - AWS:

Created VPC ID

vpcId

Created Subnet ID

subnetId

Created Internet Gateway ID

internetGatewayId

Created Security Group ID

securityGroupId

Example Inputs and Outputs

Example 1

Input:

{
  "vpcSubnet": "10.20.30.1/28",
  "vpcName": "Test VPC1234",
  "adapterId": "EC2",
  "securityGroupName": "TESTING 1",
  "securityGroupDesc": "Security Group for TESTING",
  "ingressRules": [
    {
      "sourceSubnetCidrMask": 32, 
      "sourceIp": "199.27.253.134", 
      "protocol": "TCP", 
      "port": 80
    }
  ] 
} 

Output:

{
  "vpcId": "vpc-0b678b7a21e66ded8",
  "subnetId": "subnet-097a82181b977273f",
  "internetGatewayId": "igw-070593dabfda1adf0",
  "securityGroupId": "sg-0cdc4162d4cd16dfe"
} 

API Links

API Name | API Documentation Link | API Link Visibility
Create VPC - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html | Public
Create Tags - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html | Public
Create Subnet - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSubnet.html | Public
Create Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateInternetGateway.html | Public
Attach Internet Gateway - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachInternetGateway.html | Public
Create Route - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateRoute.html | Public
Configure Route Tables - AWS EC2 | https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html | Public
Describe Route Tables - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html | Public
Create Security Group - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html | Public
Authorize Security Group Ingress - AWS EC2 | https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AuthorizeSecurityGroupIngress.html | Public
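
An added pre-flight check for the Provision VPC with Networking - AWS input, not part of the Itential project. It reports a vpcSubnet that is outside the /16 to /28 range AWS accepts for a VPC or that has host bits set (as 10.20.30.1/28 in Example 1 does), and ingress rules with a malformed source, a source mask of 0, or an invalid port. The function names and the choice of checks are assumptions.

```javascript
// Added example, not Itential code. Keys follow the input table for
// Provision VPC with Networking - AWS; function names are hypothetical.
// Dotted-quad IPv4 -> unsigned integer, or null when malformed.
function ipv4ToInt(ip) {
  const parts = String(ip).split('.');
  const ok = parts.length === 4 && parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255);
  return ok ? parts.reduce((acc, p) => acc * 256 + Number(p), 0) : null;
}
function intToIpv4(n) {
  return [24, 16, 8, 0].map((shift) => Math.floor(n / 2 ** shift) % 256).join('.');
}
// Network address of ipInt/mask; plain arithmetic avoids signed 32-bit bit ops.
function networkOf(ipInt, mask) {
  const size = 2 ** (32 - mask);
  return Math.floor(ipInt / size) * size;
}

function reviewProvisionInput(input) {
  const findings = [];
  const [addr, maskText] = String(input.vpcSubnet).split('/');
  const ipInt = ipv4ToInt(addr);
  const mask = Number(maskText);
  // AWS accepts VPC IPv4 CIDR blocks from /16 to /28.
  if (ipInt === null || !Number.isInteger(mask) || mask < 16 || mask > 28) {
    findings.push(`vpcSubnet ${input.vpcSubnet}: not an IPv4 CIDR between /16 and /28`);
  } else if (networkOf(ipInt, mask) !== ipInt) {
    findings.push(`vpcSubnet ${input.vpcSubnet}: host bits set, network is ${intToIpv4(networkOf(ipInt, mask))}/${mask}`);
  }
  if (!Array.isArray(input.ingressRules)) return findings.concat('ingressRules: expected an array');
  input.ingressRules.forEach((rule, i) => {
    const { sourceIp, sourceSubnetCidrMask: m, port } = rule || {};
    const src = ipv4ToInt(sourceIp);
    if (src === null || !Number.isInteger(m) || m < 0 || m > 32) {
      findings.push(`ingressRules[${i}]: invalid source ${sourceIp}/${m}`);
    } else if (m === 0) {
      findings.push(`ingressRules[${i}]: port ${port} open to any IPv4 source`);
    } else if (networkOf(src, m) !== src) {
      findings.push(`ingressRules[${i}]: source ${sourceIp}/${m} has host bits set, range is ${intToIpv4(networkOf(src, m))}/${m}`);
    }
    if (!Number.isInteger(port) || port < 1 || port > 65535) {
      findings.push(`ingressRules[${i}]: invalid port ${port}`);
    }
  });
  return findings;
}

// Constructed input (not from the page) that triggers each kind of finding.
const constructedInput = {
  vpcSubnet: '10.0.0.0/8',
  ingressRules: [
    { sourceSubnetCidrMask: 0, sourceIp: '0.0.0.0', protocol: 'TCP', port: 22 },
    { sourceSubnetCidrMask: 24, sourceIp: '203.0.113.10', protocol: 'TCP', port: 70000 },
  ],
};
```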

Additional Information

Support

Please use your Itential Customer Success account if you need support when using this Workflow Project.