amazon-web-services amazon-ec2 salt-project aws-cloudformation

Retrieve public IP of another EC2 instance in Saltstack formula


I'm setting up VPN nodes with CloudFormation and provisioning them with SaltStack. Let's call them the left and right nodes. When provisioning the left node I need to know the public IP of the right node and vice versa. Is there a way to retrieve the IP of another EC2 instance in a SaltStack formula? Both instances have tags associated with them.

Or is there a different way to achieve this? I would just like to omit any hardcoding.


Solution

  • The cloud provider independent way to do this with Salt is to use Salt Mine. Here a master collects the information of the minions (for example about IP addresses) and makes them available for other minions. This link has an example for a load balancer configuration.

    This setup requires you to have a Salt Master running (a masterless setup will not work here). If all nodes potentially want to know about all other nodes' IP addresses, you'll either need to run Salt provisioning a second time once all IP addresses are known, or use Salt Orchestrate to ensure that first all minions' grains are collected, and afterwards the services are installed.

    If you expect IP addresses to change regularly, or if you plan to scale your infrastructure with IP addresses coming and going regularly (ephemeral nodes), Salt will recommend Salt Reactor, but I think Consul (see below) might be a lot simpler to set up depending on your scenario.

    For Consul you will install an agent on each node and register each node's services locally in a straightforward Salt manner. Consul can provide you DNS resolving for the nodes and services. With Consul Template it will re-write your configurations and reload your services once IP addresses change or nodes are coming up. You will need to have a Consul master to make this work. The Consul online documentation is quite good. I have also written a Consul/Salt/Cloud Tutorial that might be interesting for you to read.
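
A Salt Mine setup for the two VPN nodes in the question, added here as an illustration and not part of the original answer. The minion IDs `vpn-left` and `vpn-right`, the mine alias `public_ip`, and the file paths are assumptions; the public address is read from the EC2 instance metadata service with an IMDSv2 token, because the public IP is not bound to the instance's network interface.

```yaml
# /srv/pillar/vpn_mine.sls  (assumed path; assign it to 'vpn-*' in the pillar top file)
mine_functions:
  public_ip:                      # hypothetical alias that the state below looks up
    - mine_function: cmd.run
    - cmd: >-
        TOKEN=$(curl -s -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 60"
        http://169.254.169.254/latest/api/token) &&
        curl -s -H "X-aws-ec2-metadata-token: $TOKEN"
        http://169.254.169.254/latest/meta-data/public-ipv4
    - python_shell: True          # the command uses $(...) and &&
    - allow_tgt: 'vpn-*'          # Salt 3000+: only the VPN minions may read this entry

# /srv/salt/vpn/init.sls  (assumed path)
{% set peer = 'vpn-right' if grains['id'] == 'vpn-left' else 'vpn-left' %}
{# mine.get returns {minion_id: value}; it is empty until the peer has published #}
{% set peer_ip = salt['mine.get'](peer, 'public_ip').get(peer, '') %}

{% if not peer_ip | is_ipv4 %}
# Mine data is supplied by another minion, so refuse anything that is not an IPv4 address.
vpn-peer-address-missing:
  test.fail_without_changes:
    - name: "No valid public_ip in the mine for {{ peer }}; run mine.update there and re-apply"
{% else %}
/etc/vpn/peer.conf:               # hypothetical config file consumed by the VPN daemon
  file.managed:
    - user: root
    - group: root
    - mode: '0600'
    - contents: "peer_address={{ peer_ip }}"
{% endif %}
```

Run `salt 'vpn-*' mine.update` once both minions are up, then apply the state; this is the "second provisioning run" the answer describes.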