Managing custom VPCs and subnets
In the previous example, we used the pre-existing default VPC and subnet to create our instance. That's fine for demonstration purposes, but in production, you'll want to use a dedicated VPC for your Puppet-managed resources to keep it separate from any other resources in your AWS account and from other Puppet-managed VPCs. You could, for example, have a staging VPC and a production VPC.
By default, a new VPC has no access to the Internet; we'll also need an Internet gateway (which routes Internet traffic to and from the VPC) and a route table (which tells a given subnet to send non-local traffic to the gateway). The puppetlabs/aws module provides Puppet resources to create and manage each of these entities.
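The wiring described above, as an added example that is not the book's own manifest, using the puppetlabs/aws resource types. The resource names, the region, the 10.99.0.0/16 address space and the 203.0.113.0/24 admin range are assumptions chosen for illustration.

```puppet
# Added example; all names, the region and the CIDR ranges are assumptions.
$region = 'us-east-1'

# A dedicated VPC, separate from the default VPC and other Puppet-managed VPCs.
ec2_vpc { 'staging-vpc':
  ensure     => present,
  region     => $region,
  cidr_block => '10.99.0.0/16',
}

# The Internet gateway routes traffic between the VPC and the Internet.
ec2_vpc_internet_gateway { 'staging-igw':
  ensure => present,
  region => $region,
  vpc    => 'staging-vpc',
}

# The route table keeps local traffic local and sends the rest to the gateway.
ec2_vpc_routetable { 'staging-routes':
  ensure => present,
  region => $region,
  vpc    => 'staging-vpc',
  routes => [
    { destination_cidr_block => '10.99.0.0/16', gateway => 'local' },
    { destination_cidr_block => '0.0.0.0/0',    gateway => 'staging-igw' },
  ],
}

# The subnet must reference the route table, or it gets only the local route.
ec2_vpc_subnet { 'staging-subnet':
  ensure            => present,
  region            => $region,
  vpc               => 'staging-vpc',
  cidr_block        => '10.99.0.0/24',
  availability_zone => "${region}a",
  route_table       => 'staging-routes',
}

# The subnet is now Internet-reachable: allow SSH only from a known admin range.
ec2_securitygroup { 'staging-ssh':
  ensure      => present,
  region      => $region,
  vpc         => 'staging-vpc',
  description => 'SSH from admin network only',
  ingress     => [
    { protocol => 'tcp', port => 22, cidr => '203.0.113.0/24' },
  ],
}
```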
Creating an instance in a custom VPC
In this section, we'll use a more sophisticated example manifest to create a new VPC and subnet, with an associated Internet gateway and route table, then add a security group and EC2 instance.
Follow these steps to apply...