lean-delivery/terraform-module-aws-ecs

Summary

Terraform module to set up ECS on Fargate or ECS on EC2.

The new variable "launch_type" accepts "FARGATE" or "EC2".

Example

module "ecs" {
  source = "github.com/lean-delivery/tf-module-aws-ecs"

  project     = "Project"
  environment = "dev"
  service     = "service-name"

  vpc_id  = "vpc-eizox8ea"
  subnets = ["subnet-sait0aiw", "subnet-op8phee4", "subnet-eego9xoo"]
  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  alb_target_group_arn = "arn:aws:elasticloadbalancing:< region >:< account ID >:targetgroup/< target group name >/< target group id >"

  container_port       = "80"

  container_definitions = <<EOF
[
  {
    "name": "first",
    "image": "service-first",
    "cpu": 10,
    "memory": 512,
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "hostPort": 80
      }
    ]
  }
]
EOF
}

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| alb_target_group_arn | ARN of target group | string | - | yes |
| container_cpu | Amount of CPU used by the task | string | 512 | no |
| container_definitions | Fargate container definition | string | see default value below this table | no |
| container_memory | Amount of memory used by the task | string | 1024 | no |
| container_port | Exposed port in container | string | 80 | no |
| ecs_cluster_id | ID of existing ECS cluster (to attach the service and related resources to an existing cluster) | string | none | no |
| environment | Environment name is used to identify resources | string | env | no |
| health_check_grace_period_seconds | Seconds to ignore failing load balancer health checks on newly instantiated tasks | string | 30 | no |
| project | Project name is used to identify resources | string | test | no |
| service | Service name (will be used as family name in task definition) | string | SuperService | no |
| subnets | List of subnets where to run ECS Service | list | - | yes |
| tags | Additional tags for all resources | map | <map> | no |
| task_role_arn | ARN of IAM role that should be passed into container to access AWS resources from it. | string | `` | no |
| use_existant_cluster | Boolean flag to declare usage of an existing ECS cluster | string | false | no |
| instance_type | Instance type of nodes for ECS with "EC2" launch type | string | t2.small | no |
| launch_type | Launch type for ECS (FARGATE or EC2) | string | FARGATE | no |
| volume_type | Volume type for EC2 | string | standard | no |
| volume_size | Volume size for EC2 | string | 100 | no |
| autoscaling_min_capacity | Minimum number of running tasks or EC2 instances | string | 1 | no |
| autoscaling_max_capacity | Maximum number of running tasks or EC2 instances | string | 10 | no |
| autoscaling_cpu_high_threshold | Autoscaling CPU threshold for scale-up | string | 50 | no |
| autoscaling_cpu_low_threshold | Autoscaling CPU threshold for scale-down | string | 40 | no |
| availability_zones | List of availability zones which will be provisioned by the autoscaling group | list | [] | yes |
| vpc_id | The ID of VPC | string | - | yes |
| create_security_group | Whether to create a dedicated security group for the service | string | true | no |
| security_groups | List of existing security groups to be reused if create_security_group is false | list | [] | no |
| assign_public_ip | Whether to assign a public IP to the task | string | false | no |
| use_fargate_spot | Whether to use Spot tasks in Fargate | string | false | no |
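
The Example section leaves the network and IAM inputs at their defaults. The variant below is an added example, not taken from the project, that sets the security-relevant inputs from the table explicitly: no public IP, a reused security group in place of a module-created one, and a dedicated task role. The security group ID, the role ARN, and the module label "ecs_private" are constructed placeholders.

```hcl
module "ecs_private" {
  source = "github.com/lean-delivery/tf-module-aws-ecs"

  project     = "Project"
  environment = "dev"
  service     = "service-name"

  launch_type = "FARGATE"

  vpc_id             = "vpc-eizox8ea"
  subnets            = ["subnet-sait0aiw", "subnet-op8phee4", "subnet-eego9xoo"]
  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  alb_target_group_arn = "arn:aws:elasticloadbalancing:< region >:< account ID >:targetgroup/< target group name >/< target group id >"

  # Tasks get no public IP (matches the documented default, stated
  # explicitly so a later change shows up in review).
  assign_public_ip = "false"

  # Reuse an existing, already reviewed security group instead of letting
  # the module create one. "sg-EXAMPLE0000" is a constructed placeholder.
  create_security_group = "false"
  security_groups       = ["sg-EXAMPLE0000"]

  # IAM role the application code in the container uses to call AWS APIs.
  # Placeholder ARN; scope the role to what this service needs.
  task_role_arn = "arn:aws:iam::< account ID >:role/< task role name >"

  container_port = "80"

  container_definitions = <<EOF
[
  {
    "name": "first",
    "image": "service-first",
    "cpu": 10,
    "memory": 512,
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "hostPort": 80
      }
    ]
  }
]
EOF
}
```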

Container definitions default value

[
  {
    "name": "SuperService-env",
    "cpu": 512,
    "memory": 512,
    "image": "nginx:alpine",
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "hostPort": 80
      }
    ]
  }
]

Outputs

| Name | Description |
|------|-------------|
| ecs_cluster_arn | ECS cluster ARN |
| ecs_cluster_id | ECS cluster ID |
| ecs_cluster_name | ECS cluster name |
| ecs_service_iam_role_arn | ARN of created ECS service |
| ecs_service_iam_role_name | Name of the IAM role attached to the ECS service |
| ecs_task_execution_container_cpu | Amount of CPU used by the task |
| ecs_task_execution_container_memory | Amount of memory used by the task |
| ecs_task_execution_iam_role_arn | ARN of the IAM role attached to ECS task execution |
| ecs_task_execution_iam_role_name | Name of the IAM role attached to ECS task execution |
| security_group_description | The description of the security group. |
| security_group_id | The ID of the security group. |
| security_group_name | The name of the security group. |
| security_group_owner_id | The owner ID. |
| security_group_vpc_id | The VPC ID. |

License

Apache 2.0 licensed. See LICENSE for full details.