Creates an ECS service, ECS task, ALB target group, ALB listener, and CloudWatch logging. Ignores updates to the task so deployments can continue via another pipeline.
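The "ignores updates to the task" behaviour described above is usually achieved with a `lifecycle` block on the service. The sketch below is an added illustration of that general Terraform pattern, not code from this module's source; every resource name, variable and value in it is a placeholder.

```hcl
# Added illustration: not the module's own code. All names are placeholders.
variable "cluster_name" { type = string }
variable "subnet_ids" { type = list(string) }
variable "service_security_group_id" { type = string }

# Bootstrap revision: only used to create the service the first time.
resource "aws_ecs_task_definition" "bootstrap" {
  family                   = "example"
  requires_compatibilities = ["FARGATE"]
  network_mode             = "awsvpc"
  cpu                      = 1024
  memory                   = 2048

  container_definitions = jsonencode([{
    name         = "example"
    image        = "busybox"
    essential    = true
    portMappings = [{ containerPort = 80 }]
  }])
}

resource "aws_ecs_service" "example" {
  name            = "example"
  cluster         = var.cluster_name
  launch_type     = "FARGATE"
  desired_count   = 1
  task_definition = aws_ecs_task_definition.bootstrap.arn

  network_configuration {
    subnets          = var.subnet_ids
    security_groups  = [var.service_security_group_id]
    assign_public_ip = false
  }

  lifecycle {
    # Terraform sets task_definition at creation and then stops tracking it,
    # so a revision registered by the deployment pipeline is not rolled back
    # on the next apply.
    ignore_changes = [task_definition]
  }
}
```

With this pattern `terraform plan` no longer shows which task definition revision is running, so the image and container settings in production are whatever the pipeline last registered. The pipeline's permission to register task definitions and update the service deserves the same review as the Terraform code.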
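Here's what using the module will look like:

```hcl
module "example" {
  source  = "rhythmictech/alb-ecs-task/aws"
  version = "1.1.0"

  # Arguments follow the inputs table below; the referenced resources
  # (cluster, ALB security group, listener) belong to the calling configuration.
  alb_security_group_id = aws_security_group.alb.id
  cluster_name          = aws_ecs_cluster.example.name
  container_port        = 80
  container_image       = "docker.io/library/nginx:latest"
  host_headers          = ["example.com"]
  listener_arn          = aws_lb_listener.public.arn
  name                  = module.tags.name
  subnets               = var.subnet_ids
  tags                  = module.tags.tags
  vpc_id                = var.vpc_id
}
```

Name | Version |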
---|---|
terraform | >= 0.12.19 |
aws | >= 2.48.0 |

Name | Version |
---|---|
aws | 4.8.0 |

Name | Source | Version |
---|---|---|
container_definition | cloudposse/ecs-container-definition/aws | 0.58.1 |

Name | Type |
---|---|
aws_cloudwatch_log_group.this | resource |
aws_ecs_service.this | resource |
aws_ecs_task_definition.this | resource |
aws_iam_role.ecs_exec | resource |
aws_iam_role.ecs_task | resource |
aws_iam_role_policy_attachment.additional | resource |
aws_iam_role_policy_attachment.ecs_exec | resource |
aws_iam_role_policy_attachment.ecs_exec_additional | resource |
aws_lb_listener_rule.this | resource |
aws_lb_target_group.this | resource |
aws_security_group.ecs_service | resource |
aws_security_group_rule.alb | resource |
aws_security_group_rule.allow_all_egress | resource |
aws_iam_policy_document.assume | data source |
aws_iam_policy_document.ecs_exec | data source |
aws_region.current | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_ecs_service_exec_policy_arns | ARNs for additional ECS Service Execution Role policies | list(string) | [] | no |
additional_ecs_task_policy_arns | ARNs for additional ECS task policies | list(string) | [] | no |
alb_security_group_id | ID for ALB Security Group | string | n/a | yes |
assign_ecs_service_public_ip | Assigns a public IP to your ECS service. Set true if using Fargate, see https://aws.amazon.com/premiumsupport/knowledge-center/ecs-pull-container-api-error-ecr/ | bool | false | no |
cluster_name | Name of ECS cluster | string | n/a | yes |
container_image | Container image, e.g. 203583890406.dkr.ecr.us-west-1.amazonaws.com/api-integrations:git-34752db | string | "busybox" | no |
container_name | Defaults to api-<var.name> | string | null | no |
container_port | Port on the container that the main process is listening on | number | n/a | yes |
ecs_execution_role | ECS execution role. If specified, none will be created | string | "" | no |
ecs_task_role | ECS task execution role. If specified, none will be created | string | "" | no |
environment_variables | The environment variables to pass to the container. This is a list of maps | list(object({ | null | no |
health_check | Target group health check, for the LB to assess service health. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#health_check | object({ | { | no |
host_headers | The hostname in the request which acts as the condition for the listener. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule#host_header | list(string) | n/a | yes |
internal_protocol | Protocol for traffic between the ALB and ECS. Should be one of [TCP, TLS, UDP, TCP_UDP, HTTP, HTTPS] | string | "HTTP" | no |
launch_type | ECS service launch type: FARGATE \| EC2 | string | "FARGATE" | no |
listener_arn | ARN of listener on ALB | string | n/a | yes |
name | Moniker to apply to all resources in module | string | n/a | yes |
network_mode | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. | string | "awsvpc" | no |
secrets | The secrets to pass to the container. This is a list of maps | list(object({ | null | no |
security_group_ids | List of Security Group IDs to apply to the ECS Service | list(string) | [] | no |
service_registry_arn | ARN of aws_service_discovery_service | string | null | no |
subnets | Subnets that should be added to ECS service network configuration | list(string) | [] | no |
tags | Resource Tags. BE VERBOSE. Should AT MINIMUM contain: Name & Owner | map(string) | {} | no |
target_group_port | The port on which targets receive traffic on the Target Group | number | 80 | no |
task_cpu | The number of CPU units used by the task. | number | 1024 | no |
task_def_arn | Task definition ARN | string | "" | no |
task_desired_count | Number of copies of task definition that should be running at any given time | number | 1 | no |
task_memory | The amount (in MiB) of memory used by the task. | number | 2048 | no |
vpc_id | VPC ID where resources will be created | string | n/a | yes |

Name | Description |
---|---|
cloudwatch_log_group | aws_cloudwatch_log_group resource |
ecs_service | aws_ecs_service resource |
ecs_task_iam_role | aws_iam_role resource for the ECS task |
iam_role_ecs_service | aws_iam_role resource for the ECS service |
lb_target_group | aws_lb_target_group resource |
lb_target_group_arn | ARN for the target group associated with service |
lb_target_group_id | ID for the target group associated with service |
security_group_id | Resource ID for Security Group associated with ECS Service network_configuration |
task_definition | aws_ecs_task_definition resource |

- pre-commit.com/
- terraform.io/
- github.com/tfutils/tfenv
- github.com/segmentio/terraform-docs