feat: exposed container_cpu/container_memory/task_cpu/task_memory var… (

#50)

…iables

## Description
<!--- Describe your changes in detail -->

## Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->

## Breaking Changes
<!-- Does this break backwards compatibility with the current major
version? -->
<!-- If so, please provide an explanation why it is necessary. -->

## How Has This Been Tested?
- [ ] I have updated at least one of the `examples/*` to demonstrate and
validate my change(s)
- [ ] I have tested and validated these changes using one or more of the
provided `examples/*` projects
<!--- Users should start with an existing example as its written, deploy
it, then check their changes against it -->
<!--- This will highlight breaking/disruptive changes. Once you have
checked, deploy your changes to verify -->
<!--- Please describe how you tested your changes -->
- [ ] I have executed `pre-commit run -a` on my pull request
<!--- Please see
https://github.com/antonbabenko/pre-commit-terraform#how-to-install for
how to install -->

README.md

@@ -20,11 +20,11 @@ Terraform module which creates a traefik ecs task
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_container_definition"></a> [container\_definition](#module\_container\_definition) | cloudposse/ecs-container-definition/aws | 0.58.1 |
+| <a name="module_container_definition"></a> [container\_definition](#module\_container\_definition) | cloudposse/ecs-container-definition/aws | 0.61.1 |
 | <a name="module_ecs_label"></a> [ecs\_label](#module\_ecs\_label) | justtrackio/label/null | 0.26.0 |
 | <a name="module_iam_label"></a> [iam\_label](#module\_iam\_label) | justtrackio/label/null | 0.26.0 |
-| <a name="module_nlb"></a> [nlb](#module\_nlb) | terraform-aws-modules/alb/aws | 8.3.1 |
-| <a name="module_service_task"></a> [service\_task](#module\_service\_task) | justtrackio/ecs-alb-service-task/aws | 1.1.0 |
+| <a name="module_nlb"></a> [nlb](#module\_nlb) | terraform-aws-modules/alb/aws | 9.8.0 |
+| <a name="module_service_task"></a> [service\_task](#module\_service\_task) | justtrackio/ecs-alb-service-task/aws | 1.3.0 |
 | <a name="module_this"></a> [this](#module\_this) | justtrackio/label/null | 0.26.0 |
 
 ## Resources
@@ -53,8 +53,10 @@ Terraform module which creates a traefik ecs task
 | <a name="input_aws_account_id"></a> [aws\_account\_id](#input\_aws\_account\_id) | AWS account id | `string` | `null` | no |
 | <a name="input_aws_region"></a> [aws\_region](#input\_aws\_region) | AWS region | `string` | `null` | no |
 | <a name="input_cloudwatch_log_group_enabled"></a> [cloudwatch\_log\_group\_enabled](#input\_cloudwatch\_log\_group\_enabled) | A boolean to disable cloudwatch log group creation | `bool` | `true` | no |
-| <a name="input_container_image_tag"></a> [container\_image\_tag](#input\_container\_image\_tag) | The image tag used to start the container. Images in the Docker Hub registry available by default | `string` | `"v2.9.6"` | no |
+| <a name="input_container_cpu"></a> [container\_cpu](#input\_container\_cpu) | The number of cpu units to reserve for the container. This is optional for tasks using Fargate launch type and the total amount of container\_cpu of all containers in a task will need to be lower than the task-level cpu value | `number` | `512` | no |
+| <a name="input_container_image_tag"></a> [container\_image\_tag](#input\_container\_image\_tag) | The image tag used to start the container. Images in the Docker Hub registry available by default | `string` | `"v2.11.0"` | no |
 | <a name="input_container_image_url"></a> [container\_image\_url](#input\_container\_image\_url) | The image tag used to start the container. Images in the Docker Hub registry available by default | `string` | `"traefik"` | no |
+| <a name="input_container_memory"></a> [container\_memory](#input\_container\_memory) | The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container\_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container\_memory of all containers in a task will need to be lower than the task memory value | `number` | `256` | no |
 | <a name="input_context"></a> [context](#input\_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | <pre>{<br>  "additional_tag_map": {},<br>  "attributes": [],<br>  "delimiter": null,<br>  "descriptor_formats": {},<br>  "enabled": true,<br>  "environment": null,<br>  "id_length_limit": null,<br>  "label_key_case": null,<br>  "label_order": [],<br>  "label_value_case": null,<br>  "labels_as_tags": [<br>    "unset"<br>  ],<br>  "name": null,<br>  "namespace": null,<br>  "regex_replace_chars": null,<br>  "stage": null,<br>  "tags": {},<br>  "tenant": null<br>}</pre> | no |
 | <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
 | <a name="input_deployment_maximum_percent"></a> [deployment\_maximum\_percent](#input\_deployment\_maximum\_percent) | The upper limit of the number of tasks (as a percentage of `desired_count`) that can be running in a service during a deployment | `number` | `150` | no |
@@ -93,6 +95,8 @@ Terraform module which creates a traefik ecs task
 | <a name="input_stage"></a> [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
 | <a name="input_subnets"></a> [subnets](#input\_subnets) | A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f'] | `list(string)` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).<br>Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |
+| <a name="input_task_cpu"></a> [task\_cpu](#input\_task\_cpu) | The number of CPU units used by the task. If using `FARGATE` launch type `task_cpu` must match [supported memory values](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) | `number` | `1024` | no |
+| <a name="input_task_memory"></a> [task\_memory](#input\_task\_memory) | The amount of memory (in MiB) used by the task. If using Fargate launch type `task_memory` must match [supported cpu value](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) | `number` | `512` | no |
 | <a name="input_tenant"></a> [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | VPC id where the load balancer and other resources will be deployed. | `string` | n/a | yes |
 | <a name="input_wait_for_steady_state"></a> [wait\_for\_steady\_state](#input\_wait\_for\_steady\_state) | If true, it will wait for the service to reach a steady state (like aws ecs wait services-stable) before continuing | `bool` | `true` | no |

main.tf

@@ -9,106 +9,119 @@ locals {
 
 module "nlb" {
   source  = "terraform-aws-modules/alb/aws"
-  version = "8.3.1"
+  version = "9.8.0"
 
-  name               = module.this.id
-  vpc_id             = var.vpc_id
-  subnets            = var.subnets
-  internal           = var.internal
-  load_balancer_type = var.load_balancer_type
+  create_security_group = false
+  name                  = module.this.id
+  vpc_id                = var.vpc_id
+  subnets               = var.subnets
+  internal              = var.internal
+  load_balancer_type    = var.load_balancer_type
 
-  security_group_rules = {
+  security_group_ingress_rules = {
     ingress_all = {
-      type        = "ingress"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_blocks = ["0.0.0.0/0"]
+      from_port   = -1
+      to_port     = -1
+      ip_protocol = "-1"
+      cidr_ipv4   = "0.0.0.0/0"
     }
+  }
+  security_group_egress_rules = {
     egress_all = {
-      type        = "egress"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_blocks = ["0.0.0.0/0"]
+      from_port   = -1
+      to_port     = -1
+      ip_protocol = "-1"
+      cidr_ipv4   = "0.0.0.0/0"
     }
   }
 
   target_groups = concat([
     {
+      create_attachment  = false
       name               = "${module.this.id}-${var.port_gateway}"
-      backend_protocol   = "TCP"
-      backend_port       = var.port_gateway
+      protocol           = "TCP"
+      port               = var.port_gateway
       preserve_client_ip = false
       health_check       = local.health_check
     },
     {
+      create_attachment  = false
       name               = "${module.this.id}-${var.port_metadata}"
-      backend_protocol   = "TCP"
-      backend_port       = var.port_metadata
+      protocol           = "TCP"
+      port               = var.port_metadata
       preserve_client_ip = false
       health_check       = local.health_check
     },
     {
+      create_attachment  = false
       name               = "${module.this.id}-${var.port_health}"
-      backend_protocol   = "TCP"
-      backend_port       = var.port_health
+      protocol           = "TCP"
+      port               = var.port_health
       preserve_client_ip = false
       health_check       = local.health_check
     },
     {
+      create_attachment  = false
       name               = "${module.this.id}-80"
-      backend_protocol   = "TCP"
-      backend_port       = 80
+      protocol           = "TCP"
+      port               = 80
       preserve_client_ip = false
       health_check       = local.health_check
     },
     ],
     var.prometheus_metrics_enabled ? [
       {
+        create_attachment  = false
         name               = "${module.this.id}-${var.port_metrics}"
-        backend_protocol   = "TCP"
-        backend_port       = var.port_metrics
+        protocol           = "TCP"
+        port               = var.port_metrics
         preserve_client_ip = false
         health_check       = local.health_check
       },
     ] : []
   )
 
-  http_tcp_listeners = concat([
+  listeners = concat([
     {
-      port               = var.port_gateway
-      protocol           = "TCP"
-      target_group_index = 0
+      forward = {
+        target_group_key = 0
+      }
+      port     = var.port_gateway
+      protocol = "TCP"
     },
     {
-      port               = var.port_metadata
-      protocol           = "TCP"
-      target_group_index = 1
+      forward = {
+        target_group_key = 1
+      }
+      port     = var.port_metadata
+      protocol = "TCP"
     },
     {
-      port               = var.port_health
-      protocol           = "TCP"
-      target_group_index = 2
+      forward = {
+        target_group_key = 2
+      }
+      port     = var.port_health
+      protocol = "TCP"
+    },
+    {
+      forward = {
+        target_group_key = 3
+      }
+      port            = 443
+      protocol        = "TLS"
+      certificate_arn = var.https_listeners_certificate_arn
     },
     ], var.prometheus_metrics_enabled ? [
     {
-      port               = var.port_metrics
-      protocol           = "TCP"
-      target_group_index = 4
+      forward = {
+        target_group_key = 4
+      }
+      port     = var.port_metrics
+      protocol = "TCP"
     },
     ] : []
   )
 
-  https_listeners = [
-    {
-      port               = 443
-      protocol           = "TLS"
-      certificate_arn    = var.https_listeners_certificate_arn
-      target_group_index = 3
-    },
-  ]
-
   tags = module.this.tags
 }
 
@@ -131,10 +144,12 @@ resource "aws_cloudwatch_log_group" "default" {
 
 module "container_definition" {
   source  = "cloudposse/ecs-container-definition/aws"
-  version = "0.58.1"
+  version = "0.61.1"
 
-  container_name  = module.ecs_label.id
-  container_image = "${var.container_image_url}:${var.container_image_tag}"
+  container_name   = module.ecs_label.id
+  container_image  = "${var.container_image_url}:${var.container_image_tag}"
+  container_cpu    = var.container_cpu
+  container_memory = var.container_memory
   port_mappings = concat([
     {
       containerPort = var.port_gateway
@@ -211,7 +226,7 @@ module "container_definition" {
 
 module "service_task" {
   source  = "justtrackio/ecs-alb-service-task/aws"
-  version = "1.1.0"
+  version = "1.3.0"
 
   container_definition_json          = local.container_definitions
   ecs_cluster_arn                    = var.ecs_cluster_arn
@@ -243,35 +258,38 @@ module "service_task" {
     }
   ]
 
+  task_cpu    = var.task_cpu
+  task_memory = var.task_memory
+
   ecs_load_balancers = concat([
     {
-      target_group_arn = module.nlb.target_group_arns[0]
+      target_group_arn = module.nlb.target_groups[0].arn
       container_name   = module.ecs_label.id
       elb_name         = null
       container_port   = var.port_gateway
     },
     {
-      target_group_arn = module.nlb.target_group_arns[1]
+      target_group_arn = module.nlb.target_groups[1].arn
       container_name   = module.ecs_label.id
       elb_name         = null
       container_port   = var.port_metadata
     },
     {
-      target_group_arn = module.nlb.target_group_arns[2]
+      target_group_arn = module.nlb.target_groups[2].arn
       container_name   = module.ecs_label.id
       elb_name         = null
       container_port   = var.port_health
     },
     {
-      target_group_arn = module.nlb.target_group_arns[3]
+      target_group_arn = module.nlb.target_groups[3].arn
       container_name   = module.ecs_label.id
       elb_name         = null
       container_port   = 8443
     },
     ],
     var.prometheus_metrics_enabled ? [
       {
-        target_group_arn = module.nlb.target_group_arns[4]
+        target_group_arn = module.nlb.target_groups[4].arn
         container_name   = module.ecs_label.id
         elb_name         = null
         container_port   = var.port_metrics

outputs.tf

@@ -1,9 +1,9 @@
 output "lb_dns_name" {
   description = "The DNS name of the load balancer"
-  value       = module.nlb.lb_dns_name
+  value       = module.nlb.dns_name
 }
 
 output "lb_zone_id" {
   description = "The zone_id of the load balancer to assist with creating DNS records"
-  value       = module.nlb.lb_zone_id
+  value       = module.nlb.zone_id
 }

route53.tf

@@ -40,8 +40,8 @@ resource "aws_route53_record" "default" {
   type    = "A"
 
   alias {
-    name                   = module.nlb.lb_dns_name
-    zone_id                = module.nlb.lb_zone_id
+    name                   = module.nlb.dns_name
+    zone_id                = module.nlb.zone_id
     evaluate_target_health = true
   }
 }

variables.tf

@@ -4,6 +4,18 @@ variable "additional_vpc_id" {
   default     = []
 }
 
+variable "container_cpu" {
+  type        = number
+  description = "The number of cpu units to reserve for the container. This is optional for tasks using Fargate launch type and the total amount of container_cpu of all containers in a task will need to be lower than the task-level cpu value"
+  default     = 512
+}
+
+variable "container_memory" {
+  type        = number
+  description = "The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container_memory of all containers in a task will need to be lower than the task memory value"
+  default     = 256
+}
+
 variable "cloudwatch_log_group_enabled" {
   type        = bool
   description = "A boolean to disable cloudwatch log group creation"
@@ -13,7 +25,7 @@ variable "cloudwatch_log_group_enabled" {
 variable "container_image_tag" {
   type        = string
   description = "The image tag used to start the container. Images in the Docker Hub registry available by default"
-  default     = "v2.9.6"
+  default     = "v2.11.0"
 }
 
 variable "container_image_url" {
@@ -156,6 +168,18 @@ variable "subnets" {
   type        = list(string)
 }
 
+variable "task_cpu" {
+  type        = number
+  description = "The number of CPU units used by the task. If using `FARGATE` launch type `task_cpu` must match [supported memory values](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size)"
+  default     = 1024
+}
+
+variable "task_memory" {
+  type        = number
+  description = "The amount of memory (in MiB) used by the task. If using Fargate launch type `task_memory` must match [supported cpu value](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size)"
+  default     = 512
+}
+
 variable "vpc_id" {
   description = "VPC id where the load balancer and other resources will be deployed."
   type        = string