Skip to content

Latest commit

 

History

History
117 lines (102 loc) · 11.2 KB

README.md

File metadata and controls

117 lines (102 loc) · 11.2 KB

terraform-aws-alb-ecs-task follow on Twitter

Creates an ECS service, ECS task, ALB target group, ALB listener, and CloudWatch logging. Ignores updates to the task so deployments can continue via another pipeline.

Example

Here's what using the module will look like

module "example" {
  source  = "rhythmictech/alb-ecs-task/aws"
  version = "1.1.0"

  cluster_name      = aws_ecs_cluster.example.name
  container_port    = 80
  container_image   = "docker.io/library/nginx:latest"
  load_balancer_arn = aws_lb.public.arn
  listener_port     = 80
  name              = module.tags.name
  subnets           = var.subnet_ids
  tags              = module.tags.tags
  vpc_id            = var.vpc_id
}

Requirements

Name Version
terraform >= 0.12.19
aws >= 2.48.0

Providers

Name Version
aws 4.8.0

Modules

Name Source Version
container_definition cloudposse/ecs-container-definition/aws 0.58.1

Resources

Name Type
aws_cloudwatch_log_group.this resource
aws_ecs_service.this resource
aws_ecs_task_definition.this resource
aws_iam_role.ecs_exec resource
aws_iam_role.ecs_task resource
aws_iam_role_policy_attachment.additional resource
aws_iam_role_policy_attachment.ecs_exec resource
aws_iam_role_policy_attachment.ecs_exec_additional resource
aws_lb_listener_rule.this resource
aws_lb_target_group.this resource
aws_security_group.ecs_service resource
aws_security_group_rule.alb resource
aws_security_group_rule.allow_all_egress resource
aws_iam_policy_document.assume data source
aws_iam_policy_document.ecs_exec data source
aws_region.current data source

Inputs

Name Description Type Default Required
additional_ecs_service_exec_policy_arns ARNs for additional ECS Service Execution Role policies list(string) [] no
additional_ecs_task_policy_arns ARNs for additional ECS task policies list(string) [] no
alb_security_group_id ID for ALB Security Group string n/a yes
assign_ecs_service_public_ip Assigns a public IP to your ECS service. Set true if using fargate, see https://aws.amazon.com/premiumsupport/knowledge-center/ecs-pull-container-api-error-ecr/ bool false no
cluster_name Name of ECS cluster string n/a yes
container_image Container image, ie 203583890406.dkr.ecr.us-west-1.amazonaws.com/api-integrations:git-34752db string "busybox" no
container_name Defaults to api-<var.name> string null no
container_port Port on Container that main process is listening on number n/a yes
ecs_execution_role ECS execution role. If specified none will be created string "" no
ecs_task_role ECS task execution role. If specified none will be created string "" no
environment_variables The environment variables to pass to the container. This is a list of maps 
list(object({
    name  = string
    value = string
  }))
 null no
health_check Target group health check, for LB to assess service health
See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#health_check		 
object({
    healthy_threshold   = number
    interval            = number
    path                = string
    port                = string
    protocol            = string
    unhealthy_threshold = number
  })
 
{
  "healthy_threshold": 3,
  "interval": 30,
  "path": "/",
  "port": "traffic-port",
  "protocol": "HTTP",
  "unhealthy_threshold": 3
}
 no
host_headers The hostname in the request which acts as condition for listener. See
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule#host_header		 list(string) n/a yes
internal_protocol Protocol for traffic between the ALB and ECS. Should be one of [TCP, TLS, UDP, TCP_UDP, HTTP, HTTPS] string "HTTP" no
launch_type ECS service launch type: FARGATE | EC2 string "FARGATE" no
listener_arn ARN of listener on ALB string n/a yes
name Moniker to apply to all resources in module string n/a yes
network_mode The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. string "awsvpc" no
secrets The secrets to pass to the container. This is a list of maps 
list(object({
    name      = string
    valueFrom = string
  }))
 null no
security_group_ids List of Security Group IDs to apply to the ECS Service list(string) [] no
service_registry_arn ARN of aws_service_discovery_service string null no
subnets Subnets that should be added to ECS service network configuration list(string) [] no
tags Resource Tags. BE VERBOSE. Should AT MINIMIUM contain; Name & Owner map(string) {} no
target_group_port The port on which targets receive traffic on the Target Group number 80 no
task_cpu The number of cpu units used by the task. number 1024 no
task_def_arn Task definition arn string "" no
task_desired_count Number of copies of task definition that should be running at any given time number 1 no
task_memory The amount (in MiB) of memory used by the task. number 2048 no
vpc_id VPC ID where resources will be created string n/a yes

Outputs

Name Description
cloudwatch_log_group aws_cloudwatch_log_group resource
ecs_service aws_ecs_service resource
ecs_task_iam_role aws_iam_role resource for the ECS task
iam_role_ecs_service aws_iam_role resource for the ECS service
lb_target_group aws_lb_target_group resource
lb_target_group_arn ARN for the target group associated with service
lb_target_group_id ID for the target group associated with service
security_group_id Resource ID ofr Security Group associated with ECS Service network_configuration
task_definition aws_ecs_task_definition resource

The Giants underneath this module

  • pre-commit.com/
  • terraform.io/
  • github.com/tfutils/tfenv
  • github.com/segmentio/terraform-docs