Skip to content

ergousha/terraform-aws-mcaf-fargate

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

221 Commits

.github/workflows

.github/workflows

 
 

templates

templates

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

dns.tf

dns.tf

 
 

efs.tf

efs.tf

 
 

lb.tf

lb.tf

 
 

main.tf

main.tf

 
 

outputs.tf

outputs.tf

 
 

variables.tf

variables.tf

 
 

versions.tf

versions.tf

 
 

Repository files navigation

terraform-aws-mcaf-fargate

Requirements

Name Version
terraform >= 0.13.0
aws >= 5.0.0

Providers

Name Version
aws >= 5.0.0

Modules

Name Source Version
task_execution_role github.com/schubergphilis/terraform-aws-mcaf-role v0.3.3

Resources

Name Type
aws_acm_certificate.default resource
aws_acm_certificate_validation.default resource
aws_cloudwatch_log_group.default resource
aws_ecs_capacity_provider.default resource
aws_ecs_cluster.default resource
aws_ecs_cluster_capacity_providers.default resource
aws_ecs_service.default resource
aws_ecs_task_definition.default resource
aws_eip.lb resource
aws_iam_role_policy_attachment.task_execution_role resource
aws_lb.default resource
aws_lb_listener.http resource
aws_lb_listener.https resource
aws_lb_listener.tcp resource
aws_lb_target_group.default resource
aws_route53_record.default resource
aws_route53_record.validation resource
aws_security_group.ecs resource
aws_security_group.lb resource
aws_region.current data source
aws_route53_zone.current data source

Inputs

Name Description Type Default Required
ecs_subnet_ids List of subnet IDs assigned to ECS cluster list(string) n/a yes
image Docker image to run in the ECS cluster string n/a yes
name Name of the Fargate cluster string n/a yes
role_policy The Policy document for the role string n/a yes
vpc_id AWS vpc id string n/a yes
capacity_provider_asg_arn ARN of Autoscaling Group for capacity provider string null no
certificate_arn Certificate ARN for the LB Listener string null no
cidr_blocks CIDR block to allow access to the LB list(string) 
[
  "0.0.0.0/0"
]
 no
cpu Fargate instance CPU units to provision (1 vCPU = 1024 CPU units) number 1024 no
desired_count Desired number of docker containers to run number 1 no
enable_container_insights Enable Cloudwatch Container Insights bool true no
enable_cross_zone_load_balancing Enable cross-zone load balancing of the (network) load balancer bool false no
environment Environment variables defined in the docker container map(string) {} no
health_check Health check settings for the container 
object({
    healthy_threshold   = number,
    interval            = number,
    path                = string,
    unhealthy_threshold = number
  })
 
{
  "healthy_threshold": 3,
  "interval": 30,
  "path": null,
  "unhealthy_threshold": 3
}
 no
kms_key_id The custom KMS key ARN used encryption of the Cloudwatch log group string null no
load_balancer_deletion_protection Set to true to enable deletion protection on the load balancer bool false no
load_balancer_deregistration_delay The amount of time before a target is deregistered when draining number 300 no
load_balancer_eip Whether to create Elastic IPs for the load balancer bool false no
load_balancer_internal Set to true to create an internal load balancer bool false no
load_balancer_logging Access logs configuration for the load balancer 
object({
    s3_bucket_arn = string,
    enabled       = bool,
    prefix        = string
  })
 
{
  "enabled": false,
  "prefix": null,
  "s3_bucket_arn": null
}
 no
load_balancer_subnet_ids List of subnet IDs assigned to the LB list(string) null no
memory Fargate instance memory to provision (in MiB) number 2048 no
permissions_boundary The permissions boundary to set to TaskExecutionRole string null no
port Port exposed by the docker image to redirect traffic to number 3000 no
postfix Postfix the role and policy names with Role and Policy bool false no
protocol The target protocol string null no
public_ip Assign a public ip to the service bool false no
readonly_root_filesystem When this parameter is true, the container is given read-only access to its root file system bool true no
region The region this fargate cluster should reside in, defaults to the region used by the callee string null no
secrets Map containing secrets to expose to the docker container map(string) {} no
service_launch_type The service launch type: either FARGATE or EC2 string "FARGATE" no
ssl_policy SSL Policy for the LB Listener string "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" no
subdomain The DNS subdomain and zone ID for the LB 
object({
    name    = string,
    zone_id = string
  })
 null no
tags A mapping of tags to assign to the resources map(string) {} no
target_group_stickiness Whether to bind a client’s session to a specific instance within the target group bool false no

Outputs

Name Description
cluster_arn The ARN of the ECS cluster
fqdn FQDN of the route53 endpoint
hostname Hostname of the Application load balancer
http_listener_arn The ARN of the HTTP listener
https_listener_arn The ARN of the HTTPS listener
load_balancer_eips The Elastic IPs of the load balancer
name Name of the fargate deployment
security_group_id Security group ID of the ECS task
target_group_arn The ARN of the Target Group
task_definition_arn ARN of the task definition
task_execution_role_arn ARN of the execution role
tcp_listener_arn The ARN of the TCP listener

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HCL 97.6%
  • Smarty 2.4%