From 3f236742f4149fb142e4b510131878af2c546d7d Mon Sep 17 00:00:00 2001 
From: Siddharth Singh Date: Sat, 30 Nov 2024 22:01:57 +0530 Subject: [PATCH] Refactored code --- example/.terraform.lock.hcl | 110 ----------- example/alb/.terraform.lock.hcl | 25 +++ example/alb/main.tf | 32 +++ example/data.tf | 43 ---- example/{ => ecs-cluster}/.terraform-version | 0 example/ecs-cluster/.terraform.lock.hcl | 25 +++ example/{ => ecs-cluster}/README.md | 0 example/ecs-cluster/main.tf | 79 ++++++++ example/{ => ecs-cluster}/variables.tf | 0 example/locals.tf | 3 - example/main.tf | 65 ------ example/outputs.tf | 17 -- main.tf | 42 +++- modules/alb/.terraform.lock.hcl | 93 --------- modules/alb/main.tf | 178 ++++++++++++----- modules/alb/variables.tf | 175 ++++++++--------- modules/ecs-cluster/main.tf | 152 ++++++++++++++ modules/ecs-cluster/outputs.tf | 7 + modules/ecs-cluster/variables.tf | 101 ++++++++++ modules/health-check/.terraform.lock.hcl | 27 --- modules/health-check/cloudwatch.tf | 55 ++++++ modules/health-check/data.tf | 23 +++ modules/health-check/locals.tf | 44 +++++ modules/health-check/main.tf | 196 ++++++------------- modules/health-check/variables.tf | 188 ++++++++---------- 25 files changed, 929 insertions(+), 751 deletions(-) delete mode 100644 example/.terraform.lock.hcl create mode 100644 example/alb/.terraform.lock.hcl create mode 100644 example/alb/main.tf delete mode 100644 example/data.tf rename example/{ => ecs-cluster}/.terraform-version (100%) create mode 100644 example/ecs-cluster/.terraform.lock.hcl rename example/{ => ecs-cluster}/README.md (100%) create mode 100644 example/ecs-cluster/main.tf rename example/{ => ecs-cluster}/variables.tf (100%) delete mode 100644 example/locals.tf delete mode 100644 example/main.tf delete mode 100644 example/outputs.tf delete mode 100644 modules/alb/.terraform.lock.hcl create mode 100644 modules/ecs-cluster/main.tf create mode 100644 modules/ecs-cluster/outputs.tf create mode 100644 modules/ecs-cluster/variables.tf delete mode 100644 modules/health-check/.terraform.lock.hcl create 
mode 100644 modules/health-check/cloudwatch.tf create mode 100644 modules/health-check/data.tf create mode 100644 modules/health-check/locals.tf diff --git a/example/.terraform.lock.hcl b/example/.terraform.lock.hcl deleted file mode 100644 index 3bd0866..0000000 --- a/example/.terraform.lock.hcl +++ /dev/null 
@@ -1,110 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.67.0" - constraints = ">= 2.0.0, >= 3.0.0, >= 3.72.0, >= 4.0.0, ~> 4.0, >= 4.2.0, ~> 4.30, >= 4.66.1, < 6.0.0" - hashes = [ - "h1:P43vwcDPG99x5WBbmqwUPgfJrfXf6/ucAIbGlRb7k1w=", - "h1:dCRc4GqsyfqHEMjgtlM1EympBcgTmcTkWaJmtd91+KA=", - "zh:0843017ecc24385f2b45f2c5fce79dc25b258e50d516877b3affee3bef34f060", - "zh:19876066cfa60de91834ec569a6448dab8c2518b8a71b5ca870b2444febddac6", - "zh:24995686b2ad88c1ffaa242e36eee791fc6070e6144f418048c4ce24d0ba5183", - "zh:4a002990b9f4d6d225d82cb2fb8805789ffef791999ee5d9cb1fef579aeff8f1", - "zh:559a2b5ace06b878c6de3ecf19b94fbae3512562f7a51e930674b16c2f606e29", - "zh:6a07da13b86b9753b95d4d8218f6dae874cf34699bca1470d6effbb4dee7f4b7", - "zh:768b3bfd126c3b77dc975c7c0e5db3207e4f9997cf41aa3385c63206242ba043", - "zh:7be5177e698d4b547083cc738b977742d70ed68487ce6f49ecd0c94dbf9d1362", - "zh:8b562a818915fb0d85959257095251a05c76f3467caa3ba95c583ba5fe043f9b", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9c385d03a958b54e2afd5279cd8c7cbdd2d6ca5c7d6a333e61092331f38af7cf", - "zh:b3ca45f2821a89af417787df8289cb4314b273d29555ad3b2a5ab98bb4816b3b", - "zh:da3c317f1db2469615ab40aa6baba63b5643bae7110ff855277a1fb9d8eb4f2c", - "zh:dc6430622a8dc5cdab359a8704aec81d3825ea1d305bbb3bbd032b1c6adfae0c", - "zh:fac0d2ddeadf9ec53da87922f666e1e73a603a611c57bcbc4b86ac2821619b1d", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.5.1" - constraints = ">= 1.2.0" - hashes = [ - "h1:8oTPe2VUL6E2d3OcrvqyjI4Nn/Y/UEQN26WLk5O/B0g=", - "h1:tjcGlQAFA0kmQ4vKkIPPUC4it1UYxLbg4YvHOWRAJHA=", - "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", - "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", - "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", - 
"zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", - "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", - "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", - "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", - "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", - "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", - "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.2.2" - constraints = ">= 2.0.0, >= 3.0.0" - hashes = [ - "h1:vWAsYRd7MjYr3adj8BVKRohVfHpWQdvkIwUQ2Jf5FVM=", - "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", - "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", - "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", - "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", - "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", - "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", - "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", - "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", - "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", - "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", - "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", - ] -} - -provider "registry.terraform.io/hashicorp/random" { - version = "3.6.1" - constraints = ">= 3.0.0" - hashes = [ - "h1:1OlP753r4lOKlBprL0HdZGWerm5DCabD5Mli8k8lWAg=", - "h1:8iqExjtAvirFTJkpm5YyYD+fC+DGV8NTJzKsE2c70VA=", - 
"zh:2a0ec154e39911f19c8214acd6241e469157489fc56b6c739f45fbed5896a176", - "zh:57f4e553224a5e849c99131f5e5294be3a7adcabe2d867d8a4fef8d0976e0e52", - "zh:58f09948c608e601bd9d0a9e47dcb78e2b2c13b4bda4d8f097d09152ea9e91c5", - "zh:5c2a297146ed6fb3fe934c800e78380f700f49ff24dbb5fb5463134948e3a65f", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7ce41e26f0603e31cdac849085fc99e5cd5b3b73414c6c6d955c0ceb249b593f", - "zh:8c9e8d30c4ef08ee8bcc4294dbf3c2115cd7d9049c6ba21422bd3471d92faf8a", - "zh:93e91be717a7ffbd6410120eb925ebb8658cc8f563de35a8b53804d33c51c8b0", - "zh:982542e921970d727ce10ed64795bf36c4dec77a5db0741d4665230d12250a0d", - "zh:b9d1873f14d6033e216510ef541c891f44d249464f13cc07d3f782d09c7d18de", - "zh:cfe27faa0bc9556391c8803ade135a5856c34a3fe85b9ae3bdd515013c0c87c1", - "zh:e4aabf3184bbb556b89e4b195eab1514c86a2914dd01c23ad9813ec17e863a8a", - ] -} - -provider "registry.terraform.io/hashicorp/time" { - version = "0.11.1" - constraints = ">= 0.7.0" - hashes = [ - "h1:IkDriv5C9G+kQQ+mP+8QGIahwKgbQcw1/mzh9U6q+ZI=", - "h1:UyhbtF79Wy4EVNrnvMcOPzmZLVQQyzM2ostfjs2l5PI=", - "zh:19a393db736ec4fd024d098d55aefaef07056c37a448ece3b55b3f5f4c2c7e4a", - "zh:227fa1e221de2907f37be78d40c06ca6a6f7b243a1ec33ade014dfaf6d92cd9c", - "zh:29970fecbf4a3ca23bacbb05d6b90cdd33dd379f90059fe39e08289951502d9f", - "zh:65024596f22f10e7dcb5e0e4a75277f275b529daa0bc0daf34ca7901c678ab88", - "zh:694d080cb5e3bf5ef08c7409208d061c135a4f5f4cdc93ea8607860995264b2e", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:b29d15d13e1b3412e6a4e1627d378dbd102659132f7488f64017dd6b6d5216d3", - "zh:bb79f4cae9f8c17c73998edc54aa16c2130a03227f7f4e71fc6ac87e230575ec", - "zh:ceccf80e95929d97f62dcf1bb3c7c7553d5757b2d9e7d222518722fc934f7ad5", - "zh:f40e638336527490e294d9c938ae55919069e6987e85a80506784ba90348792a", - "zh:f99ef33b1629a3b2278201142a3011a8489e66d92da832a5b99e442204de18fb", - "zh:fded14754ea46fdecc62a52cd970126420d4cd190e598cb61190b4724a727edb", - ] -} 
diff --git a/example/alb/.terraform.lock.hcl b/example/alb/.terraform.lock.hcl new file mode 100644 index 0000000..3c6e612 --- /dev/null +++ b/example/alb/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.78.0" + constraints = "~> 5.0" + hashes = [ + "h1:o7jz+dFixEcwjfdubken5ldmDJm1tkvM2adPtNDei3g=", + "zh:0ae7d41b96441d0cf7ce2e1337657bdb2e1e5c9f1c2227b0642e1dcec2f9dfba", + "zh:21f8f1edf477681ea3b095c02cad6b8e85262e45015de58e84e0c7b2bfe9a1f6", + "zh:2bdc335e341bf98445255549ae93d66cfb9bca706e62b949da98fe467c182cad", + "zh:2fe4096e260367a225a9faf4a424d62b87e5498f12cb43bdb6f4e713d11b82c3", + "zh:3c63bb7a7925d65118d17461f4691a22dbb55ea39a7404e4d71f6ccca8765f8b", + "zh:6609a28a1c638a1901d8007b5386868ccfd313b4df2e98b35d9fdef436974e3b", + "zh:7ae3aef43bc4b365824cca4659cf92459d766800656e354bdbf83feabab835e8", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:c314efe454adc6ca483261c6906e64315aeb9db0c0332818714e9b81e07df0f0", + "zh:cd3e30396b554bbc1d260252db8a0f344065d619038fe60ea870689cd32c6aa9", + "zh:d1ba48fd9d8a1cb1daa927fb9e8bb708b857f2792d796e110460c6fdcd896a47", + "zh:d31c8abe75cb9cdc1c59ad9d356a1c3ae1ba8cd29ac15eb7e01b6cd01221ab04", + "zh:dc27c5c2116b4d9b404753f73bccaa635bce21f3bfb4bb7bc8e63225c36c98fe", + "zh:de491f0d05408378413187475c815d8cb2ac6bfa63d0b42a30ad5ee492e51c07", + "zh:eb44b45a40f80a309dd5b0eb7d7fcb2cbfe588fe2f18b173ef5851346898a662", + ] +} diff --git a/example/alb/main.tf b/example/alb/main.tf new file mode 100644 index 0000000..bbdbdf5 --- /dev/null +++ b/example/alb/main.tf 
@@ -0,0 +1,32 @@
+terraform {
+ required_version = "~> 1.5"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+}
+
+
+module "alb" {
+ source = "../../modules/alb"
+
+ alb = {
+ name = "arc-poc-alb"
+ internal = false
+ }
+
+ alb_target_group = [{
+ name = "arc-poc-alb-tg"
+ port = 80
+ vpc_id = "vpc-1234"
+ health_check = {
+ enabled = true
+ path = "/"
+ }
+ }]
+
+ listener_rules = {}
+}
\ No newline at end of file
diff --git a/example/data.tf b/example/data.tf
deleted file mode 100644
index 13b9527..0000000
--- a/example/data.tf
+++ /dev/null
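Review bot: The `module "alb"` block never sets `create_alb`, and modules/alb/variables.tf in this patch defaults it to `false`, so the `aws_lb` resource gets a count of zero and this example would not produce a load balancer; add `create_alb = true`. `vpc_id = "vpc-1234"` is a hard-coded placeholder where the removed example/data.tf looked the VPC up by tag; take it from a variable or data source so the example can plan against a real account. With `internal = false` the example describes an internet-facing ALB, yet it passes no `access_logs` object and leaves `enable_deletion_protection` at its `false` default, so request logging and deletion protection are both off in the configuration people will copy.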
@@ -1,43 +0,0 @@
-################################################################################
-## lookups
-################################################################################
-data "aws_vpc" "vpc" {
- filter {
- name = "tag:Name"
- ## if `var.vpc_name` is unassigned, it will attempt to lookup the
- ## vpc name created by github.com/sourcefuse/terraform-aws-ref-arch-network
- values = var.vpc_name != null ? [var.vpc_name] : ["${var.namespace}-${var.environment}-vpc"]
- }
-}
-
-data "aws_route53_zone" "this" {
- name = var.route_53_zone
-}
-
-## public
-data "aws_subnets" "public" {
- filter {
- name = "tag:Name"
-
- ## if `var.public_subnet_names` is unassigned, it will attempt to lookup the
- ## subnets created by github.com/sourcefuse/terraform-aws-ref-arch-network
- values = length(var.public_subnet_names) > 0 ? var.public_subnet_names : [
- "${var.namespace}-${var.environment}-public-subnet-public-${var.region}a",
- "${var.namespace}-${var.environment}-public-subnet-public-${var.region}b"
- ]
- }
-}
-
-## private
-data "aws_subnets" "private" {
- filter {
- name = "tag:Name"
-
- ## if `var.private_subnet_names` is unassigned, it will attempt to lookup the
- ## subnets created by github.com/sourcefuse/terraform-aws-ref-arch-network
- values = length(var.private_subnet_names) > 0 ? var.private_subnet_names : [
- "${var.namespace}-${var.environment}-private-subnet-private-${var.region}a",
- "${var.namespace}-${var.environment}-private-subnet-private-${var.region}b"
- ]
- }
-}
diff --git a/example/.terraform-version b/example/ecs-cluster/.terraform-version
similarity index 100%
rename from example/.terraform-version
rename to example/ecs-cluster/.terraform-version
diff --git a/example/ecs-cluster/.terraform.lock.hcl b/example/ecs-cluster/.terraform.lock.hcl
new file mode 100644
index 0000000..3c6e612
--- /dev/null
+++ b/example/ecs-cluster/.terraform.lock.hcl
@@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.78.0" + constraints = "~> 5.0" + hashes = [ + "h1:o7jz+dFixEcwjfdubken5ldmDJm1tkvM2adPtNDei3g=", + "zh:0ae7d41b96441d0cf7ce2e1337657bdb2e1e5c9f1c2227b0642e1dcec2f9dfba", + "zh:21f8f1edf477681ea3b095c02cad6b8e85262e45015de58e84e0c7b2bfe9a1f6", + "zh:2bdc335e341bf98445255549ae93d66cfb9bca706e62b949da98fe467c182cad", + "zh:2fe4096e260367a225a9faf4a424d62b87e5498f12cb43bdb6f4e713d11b82c3", + "zh:3c63bb7a7925d65118d17461f4691a22dbb55ea39a7404e4d71f6ccca8765f8b", + "zh:6609a28a1c638a1901d8007b5386868ccfd313b4df2e98b35d9fdef436974e3b", + "zh:7ae3aef43bc4b365824cca4659cf92459d766800656e354bdbf83feabab835e8", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:c314efe454adc6ca483261c6906e64315aeb9db0c0332818714e9b81e07df0f0", + "zh:cd3e30396b554bbc1d260252db8a0f344065d619038fe60ea870689cd32c6aa9", + "zh:d1ba48fd9d8a1cb1daa927fb9e8bb708b857f2792d796e110460c6fdcd896a47", + "zh:d31c8abe75cb9cdc1c59ad9d356a1c3ae1ba8cd29ac15eb7e01b6cd01221ab04", + "zh:dc27c5c2116b4d9b404753f73bccaa635bce21f3bfb4bb7bc8e63225c36c98fe", + "zh:de491f0d05408378413187475c815d8cb2ac6bfa63d0b42a30ad5ee492e51c07", + "zh:eb44b45a40f80a309dd5b0eb7d7fcb2cbfe588fe2f18b173ef5851346898a662", + ] +} diff --git a/example/README.md b/example/ecs-cluster/README.md similarity index 100% rename from example/README.md rename to example/ecs-cluster/README.md diff --git a/example/ecs-cluster/main.tf b/example/ecs-cluster/main.tf new file mode 100644 index 0000000..f40e965 --- /dev/null +++ b/example/ecs-cluster/main.tf 
@@ -0,0 +1,79 @@
+################################################################################
+## defaults
+################################################################################
+terraform {
+ required_version = "~> 1.5"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+}
+
+module "tags" {
+ source = "sourcefuse/arc-tags/aws"
+ version = "1.2.3"
+ environment = var.environment
+ project = "Example"
+
+ extra_tags = {
+ RepoName = "terraform-aws-refarch-ecs"
+ Example = "true"
+ }
+}
+
+provider "aws" {
+ region = var.region
+}
+
+################################################################################
+## ecs
+################################################################################
+module "ecs" {
+ source = "../modules/ecs"
+
+ create = true
+
+ ecs_cluster = {
+ cluster_name = "arc-ecs-module-poc"
+ cluster_service_connect_defaults = []
+ create_cloudwatch_log_group = true
+ cluster_service_connect_defaults = {}
+ cluster_settings = []
+ cluster_configuration = {
+ execute_command_configuration = {
+ logging = "OVERRIDE"
+ log_configuration = {
+ cloud_watch_log_group_name = "arc-poc-cluster-log-group"
+ }
+ }
+ }
+
+ }
+
+ cloudwatch = {
+ log_group_name = "arc-poc-cluster-log-group"
+ log_group_retention_in_days = 5
+ log_group_tags = { Environment = "poc" }
+ }
+
+ capacity_provider = {
+ autoscaling_capacity_providers = {}
+ fargate_capacity_providers = {
+ fargate_cp = {
+ name = "FARGATE"
+ tags = {
+ Environment = "poc"
+ }
+ }
+ }
+ default_capacity_provider_use_fargate = true
+ }
+
+ tags = {
+ Project = "arc-poc-ecs"
+ Environment = "poc"
+ }
+}
diff --git a/example/variables.tf b/example/ecs-cluster/variables.tf
similarity index 100%
rename from example/variables.tf
rename to example/ecs-cluster/variables.tf
diff --git a/example/locals.tf b/example/locals.tf
deleted file mode 100644
index 34a3d74..0000000
--- a/example/locals.tf
+++ /dev/null
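Review bot: `source = "../modules/ecs"` resolves from example/ecs-cluster/ to example/modules/ecs, while the module this patch adds lives at modules/ecs-cluster in the repository root, so the path most likely needs to be `source = "../../modules/ecs-cluster"` (example/alb uses `../../modules/alb`). Inside `ecs_cluster`, `cluster_service_connect_defaults` is assigned twice, once as `[]` and once as `{}`; keep one assignment with the type the module's variable declares. The ECS Exec configuration sends session logs to `arc-poc-cluster-log-group` with `logging = "OVERRIDE"`, but neither the `log_configuration` nor the `cloudwatch` object names a KMS key; if the module accepts `log_group_kms_key_id`, as the root main.tf call in this patch suggests, set it here, since exec session output can contain secrets.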
@@ -1,3 +0,0 @@
-locals {
- route_53_zone = trimprefix(var.acm_domain_name, "*.")
-}
diff --git a/example/main.tf b/example/main.tf
deleted file mode 100644
index c389415..0000000
--- a/example/main.tf
+++ /dev/null
@@ -1,65 +0,0 @@ -################################################################################ -## defaults -################################################################################ -terraform { - required_version = "~> 1.5" - - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 4.0" - } - } -} - -module "tags" { - source = "sourcefuse/arc-tags/aws" - version = "1.2.3" - environment = var.environment - project = "Example" - - extra_tags = { - RepoName = "terraform-aws-refarch-ecs" - Example = "true" - } -} - -provider "aws" { - region = var.region -} - -################################################################################ -## ecs -################################################################################ -module "ecs" { - source = "sourcefuse/arc-ecs/aws" - # version = "1.4.5" // please pin to the latest version from registry - // https://registry.terraform.io/modules/sourcefuse/arc-ecs/aws/latest - environment = var.environment - namespace = var.namespace - - vpc_id = data.aws_vpc.vpc.id - alb_subnet_ids = data.aws_subnets.public.ids - health_check_subnet_ids = data.aws_subnets.private.ids - - // --- Devs: DO NOT override, otherwise tests will fail --- // - access_logs_enabled = false - alb_access_logs_s3_bucket_force_destroy = true - alb_access_logs_s3_bucket_force_destroy_enabled = true - // -------------------------- END ------------------------- // - - ## create acm certificate and dns record for health check - route_53_zone_name = var.route_53_zone - route_53_zone_id = data.aws_route53_zone.this.id - acm_domain_name = "healthcheck-ecs-${var.namespace}-${var.environment}.${local.route_53_zone}" - acm_subject_alternative_names = [] - health_check_route_53_records = [ - "healthcheck-ecs-${var.namespace}-${var.environment}.${local.route_53_zone}" - ] - - service_discovery_private_dns_namespace = [ - "${var.namespace}.${var.environment}.${local.route_53_zone}" - ] - - tags = module.tags.tags -} 
diff --git a/example/outputs.tf b/example/outputs.tf
deleted file mode 100644
index d1c1675..0000000
--- a/example/outputs.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-output "cluster_name" {
- description = "Name of the ECS Cluster"
- value = module.ecs.cluster_name
-}
-output "cluster_arn" {
- description = "ECS Cluster ARN"
- value = module.ecs.cluster_arn
-}
-output "cluster_id" {
- description = "ECS Cluster ID"
- value = module.ecs.cluster_id
-}
-## health check
-output "health_check_fqdn" {
- description = "Health check FQDN record created in Route 53."
- value = module.ecs.health_check_fqdn
-}
diff --git a/main.tf b/main.tf
index 651c203..9390ba0 100644
--- a/main.tf
+++ b/main.tf
@@ -16,24 +16,46 @@ terraform { ## cluster ################################################################################ module "ecs" { - source = "git::https://github.com/terraform-aws-modules/terraform-aws-ecs?ref=v5.11.1" - cluster_name = local.cluster_name + source = "./modules/ecs" - cluster_configuration = { - execute_command_configuration = { - logging = "OVERRIDE" + create = true - log_configuration = { - cloud_watch_log_group_name = aws_cloudwatch_log_group.this.name + ecs_cluster = { + cluster_name = "my-ecs-cluster" + cluster_service_connect_defaults = [] + create_cloudwatch_log_group = false + + } + + cloudwatch = { + log_group_name = "my-cloudwatch-log-group" + log_group_retention_in_days = 7 + log_group_kms_key_id = null + log_group_tags = { Environment = "production" } + } + + capacity_provider = { + autoscaling_capacity_providers = { + my-provider = { + name = "my-autoscaling-provider" + auto_scaling_group_arn = "arn:aws:autoscaling:region:account-id:autoScalingGroup:autoScalingGroupName/my-asg" + managed_scaling = { instance_warmup_period = 300, maximum_scaling_step_size = 10, minimum_scaling_step_size = 1, status = "ENABLED", target_capacity = 100 } + managed_termination_protection = "ENABLED" + managed_draining = "ENABLED" + tags = { Environment = "production" } } } + fargate_capacity_providers = {} + default_capacity_provider_use_fargate = false } - tags = merge(var.tags, tomap({ - Name = local.cluster_name - })) + tags = { + Project = "MyProject" + Environment = "production" + } } + ## logging resource "aws_cloudwatch_log_group" "this" { name = "/${var.namespace}/${var.environment}/ecs/${local.cluster_name}" diff --git a/modules/alb/.terraform.lock.hcl b/modules/alb/.terraform.lock.hcl deleted file mode 100644 index d75a909..0000000 --- a/modules/alb/.terraform.lock.hcl +++ /dev/null 
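Review bot: The new `module "ecs"` call drops the `cluster_configuration` block that set `logging = "OVERRIDE"` and pointed ECS Exec at `aws_cloudwatch_log_group.this`, and it sets `create_cloudwatch_log_group = false`, so unless ./modules/ecs supplies its own default (not visible here) exec sessions on this cluster are no longer directed to that log group even though the resource is still declared below. The root module also now hard-codes sample values in place of inputs: `cluster_name = "my-ecs-cluster"` replaces `local.cluster_name`, the `tags` map no longer merges `var.tags`, and `auto_scaling_group_arn` is the template string `arn:aws:autoscaling:region:account-id:…`, which is not a usable ARN. Restore the variable-driven values, e.g. `cluster_name = local.cluster_name` and `tags = merge(var.tags, { Name = local.cluster_name })`, and pass the exec logging configuration through `ecs_cluster`. `source = "./modules/ecs"` should be checked against the `modules/ecs-cluster` directory this patch creates. The `aws_cloudwatch_log_group` block at the end of the hunk continues outside it.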
@@ -1,93 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.57.1" - constraints = ">= 2.0.0, >= 4.0.0, >= 4.2.0, ~> 4.30" - hashes = [ - "h1:Qfq7Q9aCQqdl7w439mCMm89126n8DsDAmg6H8gXhnLI=", - "h1:lyiJFRB0nKUS/OkS8OSqxAYZuLWVBIPpN67VGoDyYak=", - "h1:rqJN5HwMnJtHIvIzublREIxUibBFYIKyeQcgOov4DUQ=", - "zh:44200c213ddb138df80d2a5ad86c2ebadbb5fd1d08cd7e4fc56ec6dca927659b", - "zh:469e6fe6a9e99e60cb168d32f05e2e9a83cf161f39160d075ff96f7674c510e1", - "zh:6110ba2c15a2268652ec9ea3797dd0216de84ece428055c49eaf9caa2be1ed62", - "zh:62ed7348acca44f64fc087e879e01cfa4e084c7600cc91e8bb7683f8065a9c79", - "zh:7a80e6fa9b35be178bb566093f7984dd6ffb7ad9d40b9dd5d5907f054f0c3e60", - "zh:8793043c8575a598c1a7cbefcb65ee1776b0061eba719098e552a3adc88f3090", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a777a0082114e273b7b3eb14095a3f6f6e703c1aff61ffb1f0846bb869e6dfc7", - "zh:b060c3b2973097f2087a98ac6aad7c9c89fe80f7cf3027019049feafc3f8305b", - "zh:e7035e74563f4486848ea1feb60852175353790bc374e0e97e241a88dc0908f7", - "zh:eaaa8e9eba09ada41e13116d53d4baece04fead8fcf3eab68cca3a67ed738e18", - "zh:ec52d8f95a84fad8fe1aae169c89d0c54d5401f75caae0869ad8182c6b6db65b", - "zh:f0e33174025b1b57ecfbdd09f2a59c2559ee94d7681e5ae09079e2822ec54ecf", - "zh:f69790a21380e5aab9303a252564737333e1e95b5d25567681630e49b17e3ec7", - "zh:ff6053942c40a99904bd407f3c082c1fa8f927ecce0374566eb7e8ee8145e582", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.3.0" - constraints = ">= 1.2.0" - hashes = [ - "h1:+l9ZTDGmGdwnuYI5ftUjwP8UgoLw4f4V9xoCzal4LW0=", - "h1:7y8CXQKtfyvrMCSWgCkCclNN9L161u6jO1dEGVaB5RQ=", - "h1:U+DbBqKnXSIqC2z7qIko2dy8w6wwuZd89orPvfeqHk0=", - "zh:1f1920b3f78c31c6b69cdfe1e016a959667c0e2d01934e1a084b94d5a02cd9d2", - "zh:550a3cdae0ddb350942624e7b2e8b31d28bc15c20511553432413b1f38f4b214", - 
"zh:68d1d9ccbfce2ce56b28a23b22833a5369d4c719d6d75d50e101a8a8dbe33b9b", - "zh:6ae3ad6d865a906920c313ec2f413d080efe32c230aca711fd106b4cb9022ced", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:a0f413d50f54124057ae3dcd9353a797b84e91dc34bcf85c34a06f8aef1f9b12", - "zh:a2ac6d4088ceddcd73d88505e18b8226a6e008bff967b9e2d04254ef71b4ac6b", - "zh:a851010672e5218bdd4c4ea1822706c9025ef813a03da716d647dd6f8e2cffb0", - "zh:aa797561755041ef2fad99ee9ffc12b5e724e246bb019b21d7409afc2ece3232", - "zh:c6afa960a20d776f54bb1fc260cd13ead17280ebd87f05b9abcaa841ed29d289", - "zh:df0975e86b30bb89717b8c8d6d4690b21db66de06e79e6d6cfda769f3304afe6", - "zh:f0d3cc3da72135efdbe8f4cfbfb0f2f7174827887990a5545e6db1981f0d3a7c", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.2.1" - constraints = ">= 2.0.0" - hashes = [ - "h1:FbGfc+muBsC17Ohy5g806iuI1hQc4SIexpYCrQHQd8w=", - "h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=", - "h1:ydA0/SNRVB1o95btfshvYsmxA+jZFRZcvKzZSB+4S1M=", - "zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840", - "zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb", - "zh:63cff4de03af983175a7e37e52d4bd89d990be256b16b5c7f919aff5ad485aa5", - "zh:74cb22c6700e48486b7cabefa10b33b801dfcab56f1a6ac9b6624531f3d36ea3", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:79e553aff77f1cfa9012a2218b8238dd672ea5e1b2924775ac9ac24d2a75c238", - "zh:a1e06ddda0b5ac48f7e7c7d59e1ab5a4073bbcf876c73c0299e4610ed53859dc", - "zh:c37a97090f1a82222925d45d84483b2aa702ef7ab66532af6cbcfb567818b970", - "zh:e4453fbebf90c53ca3323a92e7ca0f9961427d2f0ce0d2b65523cc04d5d999c2", - "zh:e80a746921946d8b6761e77305b752ad188da60688cfd2059322875d363be5f5", - "zh:fbdb892d9822ed0e4cb60f2fedbdbb556e4da0d88d3b942ae963ed6ff091e48f", - "zh:fca01a623d90d0cad0843102f9b8b9fe0d3ff8244593bd817f126582b52dd694", - ] -} - -provider "registry.terraform.io/hashicorp/time" { - version = "0.9.1" - constraints = ">= 0.7.0" - hashes 
= [ - "h1:NUv/YtEytDQncBQ2mTxnUZEy/rmDlPYmE9h2iokR0vk=", - "h1:UHcDnIYFZ00uoou0TwPGMwOrE8gTkoRephIvdwDAK70=", - "h1:VxyoYYOCaJGDmLz4TruZQTSfQhvwEcMxvcKclWdnpbs=", - "zh:00a1476ecf18c735cc08e27bfa835c33f8ac8fa6fa746b01cd3bcbad8ca84f7f", - "zh:3007f8fc4a4f8614c43e8ef1d4b0c773a5de1dcac50e701d8abc9fdc8fcb6bf5", - "zh:5f79d0730fdec8cb148b277de3f00485eff3e9cf1ff47fb715b1c969e5bbd9d4", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8c8094689a2bed4bb597d24a418bbbf846e15507f08be447d0a5acea67c2265a", - "zh:a6d9206e95d5681229429b406bc7a9ba4b2d9b67470bda7df88fa161508ace57", - "zh:aa299ec058f23ebe68976c7581017de50da6204883950de228ed9246f309e7f1", - "zh:b129f00f45fba1991db0aa954a6ba48d90f64a738629119bfb8e9a844b66e80b", - "zh:ef6cecf5f50cda971c1b215847938ced4cb4a30a18095509c068643b14030b00", - "zh:f1f46a4f6c65886d2dd27b66d92632232adc64f92145bf8403fe64d5ffa5caea", - "zh:f79d6155cda7d559c60d74883a24879a01c4d5f6fd7e8d1e3250f3cd215fb904", - "zh:fd59fa73074805c3575f08cd627eef7acda14ab6dac2c135a66e7a38d262201c", - ] -} diff --git a/modules/alb/main.tf b/modules/alb/main.tf index 00c3e1a..176eb13 100644 --- a/modules/alb/main.tf +++ b/modules/alb/main.tf @@ -2,12 +2,12 @@ ## defaults ################################################################################ terraform { - required_version = "~> 1.3" + required_version = "~> 1.5" required_providers { aws = { source = "hashicorp/aws" - version = "~> 4.30" + version = "~> 5.0" } } } 
@@ -15,49 +15,133 @@ terraform { ################################################################################ ## Load balancer ################################################################################ -module "alb" { - source = "git::https://github.com/cloudposse/terraform-aws-alb?ref=1.5.0" - - name = var.name - vpc_id = var.vpc_id - security_group_ids = var.security_group_ids - subnet_ids = var.subnet_ids - - // --- DO NOT change values here --- // - http_enabled = false - http_redirect = false - https_enabled = false - drop_invalid_header_fields = false - default_target_group_enabled = false - // -------------- END --------------- // - - internal = var.internal - http2_enabled = true - cross_zone_load_balancing_enabled = var.cross_zone_load_balancing_enabled - idle_timeout = var.idle_timeout - deregistration_delay = var.deregistration_delay - ip_address_type = var.ip_address_type - deletion_protection_enabled = var.deletion_protection_enabled - - health_check_path = "/" // TODO - make into variable - health_check_matcher = "200-399" // TODO - make into variable - health_check_timeout = 10 // TODO - make into variable - health_check_healthy_threshold = 2 // TODO - make into variable - health_check_unhealthy_threshold = 2 // TODO - make into variable - health_check_interval = 15 // TODO - make into variable - - alb_access_logs_s3_bucket_force_destroy = var.alb_access_logs_s3_bucket_force_destroy - alb_access_logs_s3_bucket_force_destroy_enabled = var.alb_access_logs_s3_bucket_force_destroy_enabled - - glacier_transition_days = 60 // TODO - make into variable. - access_logs_enabled = var.access_logs_enabled - enable_glacier_transition = true // TODO - make into variable. - - security_group_enabled = true - http_ingress_cidr_blocks = var.http_ingress_cidr_blocks - http_port = 80 - https_port = 443 - https_ingress_cidr_blocks = var.https_ingress_cidr_blocks - - tags = var.tags + +resource "aws_lb" "this" { + count = var.create_alb ? 
1 : 0 + + name = var.alb.name + internal = var.alb.internal + load_balancer_type = var.alb.load_balancer_type + security_groups = [aws_security_group.lb_sg.id] + subnets = [for subnet in aws_subnet.public : subnet.id] + idle_timeout = var.alb.idle_timeout + enable_deletion_protection = var.alb.enable_deletion_protection + enable_http2 = var.alb.enable_http2 + + access_logs { + bucket = var.alb.access_logs.bucket + enabled = var.alb.access_logs.enabled + prefix = var.alb.access_logs.prefix + } +} + + +## Target Group + +resource "aws_lb_target_group" "this" { + for_each = { for tg in var.alb_target_group : tg.name => tg } + + name = each.value.name + port = each.value.port + protocol = each.value.protocol + protocol_version = each.value.protocol_version + vpc_id = each.value.vpc_id + target_type = each.value.target_type + ip_address_type = each.value.ip_address_type + load_balancing_algorithm_type = each.value.load_balancing_algorithm_type + load_balancing_cross_zone_enabled = each.value.load_balancing_cross_zone_enabled + deregistration_delay = each.value.deregistration_delay + slow_start = each.value.slow_start + + health_check { + enabled = each.value.health_check.enabled + protocol = each.value.health_check.protocol + path = each.value.health_check.path + port = each.value.health_check.port + timeout = each.value.health_check.timeout + healthy_threshold = each.value.health_check.healthy_threshold + unhealthy_threshold = each.value.health_check.unhealthy_threshold + interval = each.value.health_check.interval + matcher = each.value.health_check.matcher + } + + dynamic "stickiness" { + for_each = each.value.stickiness != null && each.value.stickiness.enabled ? 
[each.value.stickiness] : [] + content { + cookie_duration = stickiness.value.cookie_duration + type = stickiness.value.type + } + } + + lifecycle { + create_before_destroy = true + } + + tags = each.value.tags +} + +# Listener +resource "aws_lb_listener" "http" { + load_balancer_arn = aws_lb.this.arn + port = var.alb.port + protocol = var.alb.protocol + + certificate_arn = var.alb.certificate_arn + + dynamic "default_action" { + for_each = var.listener_rules + content { + type = each.value.actions[0].type + target_group_arn = lookup(each.value.actions[0], "target_group_arn", null) + } + } +} + + +resource "aws_lb_listener_rule" "this" { + for_each = var.create_listener_rule ? { for rule in var.listener_rules : "${rule.priority}" => rule } : {} + + listener_arn = aws_lb_listener.http.arn + priority = each.value.priority + + dynamic "condition" { + for_each = each.value.conditions + content { + dynamic "host_header" { + for_each = each.value.field == "host-header" ? [each.value] : [] + content { + values = each.value.values + } + } + + dynamic "path_pattern" { + for_each = each.value.field == "path-pattern" ? 
[each.value] : [] + content { + values = each.value.values + } + } + } +} + + dynamic "action" { + for_each = each.value.actions + content { + type = action.value.type + target_group_arn = lookup(action.value, "target_group_arn", aws_lb_target_group.this.arn) + order = lookup(action.value, "order", null) + redirect { + protocol = lookup(action.value.redirect, "protocol", null) + port = lookup(action.value.redirect, "port", null) + host = lookup(action.value.redirect, "host", null) + path = lookup(action.value.redirect, "path", null) + query = lookup(action.value.redirect, "query", null) + status_code = lookup(action.value.redirect, "status_code", null) + } + fixed_response { + content_type = lookup(action.value.fixed_response, "content_type", null) + message_body = lookup(action.value.fixed_response, "message_body", null) + status_code = lookup(action.value.fixed_response, "status_code", null) + } + } + } } diff --git a/modules/alb/variables.tf b/modules/alb/variables.tf index b6459d5..86f30dc 100644 --- a/modules/alb/variables.tf +++ b/modules/alb/variables.tf 
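Review bot: Several references in the new resources cannot resolve as written: `aws_lb.this` is declared with `count`, so `aws_lb_listener.http` needs `aws_lb.this[0].arn` and the same `count`; `aws_lb_target_group.this.arn` in the rule's `action` has no key although the target group uses `for_each`; and the dynamic `default_action`, `condition`, `host_header` and `path_pattern` blocks read `each.value` where the iterator is the block's own label. The `access_logs` block also dereferences `var.alb.access_logs`, which modules/alb/variables.tf declares optional with no default, so it is null whenever the caller omits it (as example/alb does), and `var.alb.port` / `var.alb.protocol` are not attributes of the `alb` object type. `aws_security_group.lb_sg` and `aws_subnet.public` are not declared in this hunk while the `security_group_ids`, `subnet_ids` and ingress CIDR variables are removed, so confirm where the ALB's network exposure is now defined. The fence below shows the iterator and indexing fixes; the default target group for rule actions is left for the author to choose.

```hcl
resource "aws_lb" "this" {
  # … unchanged: count, name, internal, load_balancer_type, security_groups, subnets, timeouts …

  # access_logs is optional on var.alb; emit the block only when it was supplied
  dynamic "access_logs" {
    for_each = var.alb.access_logs != null ? [var.alb.access_logs] : []
    content {
      bucket  = access_logs.value.bucket
      enabled = access_logs.value.enabled
      prefix  = access_logs.value.prefix
    }
  }
}

resource "aws_lb_listener" "http" {
  count             = var.create_alb ? 1 : 0
  load_balancer_arn = aws_lb.this[0].arn
  # … unchanged: port, protocol, certificate_arn …

  dynamic "default_action" {
    for_each = var.listener_rules
    content {
      type             = default_action.value.actions[0].type
      target_group_arn = lookup(default_action.value.actions[0], "target_group_arn", null)
    }
  }
}

resource "aws_lb_listener_rule" "this" {
  # … unchanged: for_each …
  listener_arn = aws_lb_listener.http[0].arn
  # … unchanged: priority …

  dynamic "condition" {
    for_each = each.value.conditions
    content {
      dynamic "host_header" {
        for_each = condition.value.field == "host-header" ? [condition.value] : []
        content {
          values = host_header.value.values
        }
      }

      dynamic "path_pattern" {
        for_each = condition.value.field == "path-pattern" ? [condition.value] : []
        content {
          values = path_pattern.value.values
        }
      }
    }
  }

  # … unchanged: dynamic "action" …
}
```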
@@ -1,113 +1,98 @@ -################################################################################ -## defaults -################################################################################ -variable "name" { - description = "Name to assign the resource" - type = string - default = "" -} - -variable "vpc_id" { - description = "Id of the VPC where the resources will live" - type = string -} - -variable "tags" { - description = "Tags to assign the resources" - type = map(string) - default = {} -} - -################################################################################ -## alb -################################################################################ -variable "cross_zone_load_balancing_enabled" { - description = "A boolean flag to enable/disable cross zone load balancing" +variable "create_alb" { type = bool - default = true -} - -variable "deletion_protection_enabled" { - type = bool - description = "A boolean flag to enable/disable deletion protection for ALB" default = false + description = "A flag that decides whether to create alb" } -variable "deregistration_delay" { - description = "The amount of time to wait in seconds before changing the state of a deregistering target to unused" - type = number - default = 15 -} - -variable "idle_timeout" { - description = "The time in seconds that the connection is allowed to be idle" - type = number - default = 60 -} - -variable "internal" { - description = "Internal or external facing ALB." +variable "create_listener_rule" { type = bool default = false } -variable "ip_address_type" { - description = "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`." 
- type = string - default = "ipv4" -} +variable "alb" { + type = object({ + name = optional(string, null) + internal = optional(bool, false) + load_balancer_type = optional(string, "application") + idle_timeout = optional(number, 60) + enable_deletion_protection = optional(bool, false) + enable_http2 = optional(bool, true) + certificate_arn = optional(string, null) -variable "security_group_ids" { - description = "Security group Ids for access" - type = list(string) -} + access_logs = optional(object({ + bucket = string + enabled = optional(bool, false) + prefix = optional(string, "") + })) -variable "subnet_ids" { - description = "Subnet Ids assigned to the LB" - type = list(string) + tags = optional(map(string), {}) + }) } -variable "http_ingress_cidr_blocks" { - description = "List of CIDR blocks to allow in HTTP security group" - type = list(string) - default = [ - "0.0.0.0/0" - ] -} +variable "alb_target_group" { + description = "List of target groups to create" + type = list(object({ + name = optional(string, null) + port = number + protocol = optional(string, null) + protocol_version = optional(string, "HTTP1") + vpc_id = optional(string, "") + target_type = optional(string, "instance") + ip_address_type = optional(string, "ipv4") + load_balancing_algorithm_type = optional(string, "round_robin") + load_balancing_cross_zone_enabled = optional(string, "use_load_balancer_configuration") + deregistration_delay = optional(number, 300) + slow_start = optional(number, 0) + tags = optional(map(string), {}) -variable "https_ingress_cidr_blocks" { - description = "List of CIDR blocks to allow in HTTPS security group" - type = list(string) - default = [ - "0.0.0.0/0" - ] -} + health_check = optional(object({ + enabled = optional(bool, true) + protocol = optional(string, "HTTP") # Allowed values: "HTTP", "HTTPS", "TCP", etc. 
+ path = optional(string, "/") + port = optional(string, "traffic-port") + timeout = optional(number, 6) + healthy_threshold = optional(number, 3) + unhealthy_threshold = optional(number, 3) + interval = optional(number, 30) + matcher = optional(string, "200") # Default HTTP matcher. Range 200 to 499 + })) -################################################################################ -## logs -################################################################################ -variable "access_logs_enabled" { - description = "A boolean flag to enable/disable access_logs" - type = bool - default = true -} + stickiness = optional(object({ + enabled = optional(bool, true) + type = string + cookie_duration = optional(number, 86400) + }) + ) -variable "alb_access_logs_s3_bucket_force_destroy" { - type = bool - default = false - description = "A boolean that indicates all objects should be deleted from the ALB access logs S3 bucket so that the bucket can be destroyed without error" + })) } -variable "alb_access_logs_s3_bucket_force_destroy_enabled" { - type = bool - default = false - description = <<-EOT - When `true`, permits `force_destroy` to be set to `true`. - This is an extra safety precaution to reduce the chance that Terraform will destroy and recreate - your S3 bucket, causing COMPLETE LOSS OF ALL DATA even if it was stored in Glacier. - WARNING: Upgrading this module from a version prior to 0.27.0 to this version - will cause Terraform to delete your existing S3 bucket CAUSING COMPLETE DATA LOSS - unless you follow the upgrade instructions on the Wiki [here](https://github.com/cloudposse/terraform-aws-s3-log-storage/wiki/Upgrading-to-v0.27.0-(POTENTIAL-DATA-LOSS)). - See additional instructions for upgrading from v0.27.0 to v0.28.0 [here](https://github.com/cloudposse/terraform-aws-s3-log-storage/wiki/Upgrading-to-v0.28.0-and-AWS-provider-v4-(POTENTIAL-DATA-LOSS)). 
- EOT +variable "listener_rules" { + description = "List of listener rules to create" + type = list(object({ + listener_arn = string + priority = number + conditions = list(object({ + field = string + values = list(string) + })) + actions = list(object({ + type = string + target_group_arn = optional(string) + order = optional(number) + redirect = optional(object({ + protocol = string + port = string + host = optional(string) + path = optional(string) + query = optional(string) + status_code = string + }), null) + fixed_response = optional(object({ + content_type = string + message_body = optional(string) + status_code = optional(string) + }), null) + })) + })) } diff --git a/modules/ecs-cluster/main.tf b/modules/ecs-cluster/main.tf new file mode 100644 index 0000000..d76ee6f --- /dev/null +++ b/modules/ecs-cluster/main.tf 
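Review bot: The new `alb` object type declares neither `port` nor `protocol`, yet the `aws_lb_listener.http` resource in modules/alb/main.tf from this same commit reads `var.alb.port` and `var.alb.protocol`, so the module should fail validation on an unsupported attribute. Add them to the object, for example `port = optional(number, 443)` and `protocol = optional(string, "HTTPS")`; callers must then supply `certificate_arn`, which is sensible for a TLS-by-default listener. The refactor also flips the access-log default: the removed `access_logs_enabled` defaulted to `true`, while the new `access_logs.enabled` is `optional(bool, false)` inside an optional object, so load balancers created with defaults no longer record requests. If that is not intended, use `enabled = optional(bool, true)` and document the bucket requirement in a `description` on the variable. `listener_rules` requires a `listener_arn` that the visible rule resource does not appear to read, which is worth either wiring up or dropping.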
@@ -0,0 +1,152 @@
+################################################################################
+## defaults
+################################################################################
+terraform {
+ required_version = "~> 1.5"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+}
+
+resource "aws_ecs_cluster" "this" {
+ count = var.create ? 1 : 0
+
+ name = var.ecs_cluster.cluster_name
+
+ dynamic "configuration" {
+ for_each = var.ecs_cluster.create_cloudwatch_log_group ? [var.ecs_cluster.cluster_configuration] : []
+
+ content {
+ dynamic "execute_command_configuration" {
+ for_each = length(configuration.value.execute_command_configuration) > 0 ? [configuration.value.execute_command_configuration] : []
+
+ content {
+ kms_key_id = length(execute_command_configuration.value.kms_key_id) > 0 ? execute_command_configuration.value.kms_key_id : ""
+ logging = length(execute_command_configuration.value.logging) > 0 ? execute_command_configuration.value.logging : "DEFAULT"
+
+ dynamic "log_configuration" {
+ for_each = length(execute_command_configuration.value.log_configuration) > 0 ? [execute_command_configuration.value.log_configuration] : []
+
+ content {
+ cloud_watch_encryption_enabled = log_configuration.value.cloud_watch_encryption_enabled
+ cloud_watch_log_group_name = log_configuration.value.cloud_watch_log_group_name
+ s3_bucket_name = log_configuration.value.s3_bucket_name
+ s3_bucket_encryption_enabled = log_configuration.value.s3_bucket_encryption_enabled
+ s3_key_prefix = log_configuration.value.s3_key_prefix
+ }
+ }
+ }
+ }
+ }
+ }
+
+
+ dynamic "service_connect_defaults" {
+ for_each = length(var.ecs_cluster.cluster_service_connect_defaults) > 0 ? 
[var.ecs_cluster.cluster.cluster_service_connect_defaults] : []
+
+ content {
+ namespace = service_connect_defaults.value.namespace
+ }
+ }
+
+
+ dynamic "setting" {
+ for_each = flatten([var.ecs_cluster.cluster_settings])
+
+ content {
+ name = setting.value.name
+ value = setting.value.value
+ }
+ }
+
+ tags = var.tags
+}
+
+
+########################################################################CloudWatch Log Group
+########################################################################
+resource "aws_cloudwatch_log_group" "this" {
+ count = var.create && var.ecs_cluster.create_cloudwatch_log_group ? 1 : 0
+
+ name = var.cloudwatch.log_group_name != null ? var.cloudwatch.log_group_name : "/aws/ecs/${var.ecs_cluster.cluster_name}"
+
+ retention_in_days = var.cloudwatch.log_group_retention_in_days
+ kms_key_id = var.cloudwatch.log_group_kms_key_id
+
+ tags = merge(var.tags, var.cloudwatch.log_group_tags)
+}
+
+
+################################################################################
+# ECS Capacity Provider - EC2
+################################################################################
+
+resource "aws_ecs_capacity_provider" "this" {
+ for_each = var.create ? var.capacity_provider.autoscaling_capacity_providers : {}
+
+ name = each.value.name != "" ? each.value.name : each.key
+
+ auto_scaling_group_provider {
+ auto_scaling_group_arn = each.value.auto_scaling_group_arn
+
+ # Enable managed termination protection only if managed scaling is defined
+ managed_termination_protection = each.value.managed_scaling != null ? (each.value.managed_termination_protection != null ? each.value.managed_termination_protection : "DISABLED") : "DISABLED"
+
+ dynamic "managed_scaling" {
+ for_each = each.value.managed_scaling != null ? 
[each.value.managed_scaling] : []
+
+ content {
+ instance_warmup_period = managed_scaling.value.instance_warmup_period
+ maximum_scaling_step_size = managed_scaling.value.maximum_scaling_step_size
+ minimum_scaling_step_size = managed_scaling.value.minimum_scaling_step_size
+ status = managed_scaling.value.status
+ target_capacity = managed_scaling.value.target_capacity
+ }
+ }
+ }
+
+ tags = merge(var.tags, each.value.tags)
+ depends_on = [aws_ecs_cluster.this]
+}
+
+
+################################################################################
+# Cluster Capacity Providers
+################################################################################
+
+locals {
+ default_capacity_providers = merge(
+ { for k, v in var.capacity_provider.fargate_capacity_providers : k => v if var.capacity_provider.default_capacity_provider_use_fargate },
+ { for k, v in var.capacity_provider.autoscaling_capacity_providers : k => v if !var.capacity_provider.default_capacity_provider_use_fargate }
+ )
+}
+
+resource "aws_ecs_cluster_capacity_providers" "this" {
+ count = var.create && length(merge(var.capacity_provider.fargate_capacity_providers, var.capacity_provider.autoscaling_capacity_providers)) > 0 ? 1 : 0
+
+ cluster_name = var.ecs_cluster.cluster_name
+
+ capacity_providers = distinct(concat(
+ [for k, v in var.capacity_provider.fargate_capacity_providers : try(v.name, k)],
+ [for k, v in var.capacity_provider.autoscaling_capacity_providers : try(v.name, k)]
+ ))
+
+ dynamic "default_capacity_provider_strategy" {
+ for_each = local.default_capacity_providers
+ iterator = strategy
+
+ content {
+ capacity_provider = strategy.value.name
+ base = lookup(strategy.value, "base", null) # Adjusted lookup
+ weight = lookup(strategy.value, "weight", null)
+ }
+ }
+
+ depends_on = [aws_ecs_capacity_provider.this]
+}
+
+
diff --git a/modules/ecs-cluster/outputs.tf b/modules/ecs-cluster/outputs.tf
new file mode 100644
index 0000000..b55ad15
--- /dev/null
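Review bot: The `service_connect_defaults` block reads `var.ecs_cluster.cluster.cluster_service_connect_defaults`, but the `ecs_cluster` object declared in this commit has no `cluster` attribute, and its `length(...)` guard is applied to a value whose default is `null`. Use `for_each = var.ecs_cluster.cluster_service_connect_defaults != null ? [var.ecs_cluster.cluster_service_connect_defaults] : []` instead. Separately, the `configuration` block is gated on `create_cloudwatch_log_group`, so a caller who passes `cluster_configuration` with an existing log group or an S3 destination gets no `execute_command_configuration` at all. That silently drops the KMS key and ECS Exec session logging they asked for. Gate the block on the configuration itself and keep the log-group flag for `aws_cloudwatch_log_group` only. `flatten([var.ecs_cluster.cluster_settings])` likewise yields a single `null` element when the setting is left at its default, which the `setting` block then dereferences.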
+++ b/modules/ecs-cluster/outputs.tf
@@ -0,0 +1,7 @@
+output "ecs_cluster_id" {
+ value = aws_ecs_cluster.this.id
+}
+
+output "ecs_cluster_name" {
+ value = aws_ecs_cluster.this.name
+}
diff --git a/modules/ecs-cluster/variables.tf b/modules/ecs-cluster/variables.tf
new file mode 100644
index 0000000..3c6dae8
--- /dev/null
+++ b/modules/ecs-cluster/variables.tf
@@ -0,0 +1,101 @@
+variable "create" {
+ description = "Determines whether resources will be created (affects all resources)"
+ type = bool
+ default = true
+}
+
+variable "tags" {
+ description = "A map of tags to add to all resources"
+ type = map(string)
+ default = {}
+}
+#################################################################
+# Cluster
+#################################################################
+
+variable "ecs_cluster" {
+ type = object({
+ cluster_name = string
+ cluster_settings = optional(any, null)
+ cluster_service_connect_defaults = optional(map(string), null)
+ create_cloudwatch_log_group = bool
+ cluster_configuration = optional(object({
+ execute_command_configuration = optional(object({
+ kms_key_id = optional(string, "")
+ logging = optional(string, "DEFAULT")
+ log_configuration = optional(object({
+ cloud_watch_encryption_enabled = optional(bool, null)
+ cloud_watch_log_group_name = optional(string, null)
+ s3_bucket_name = optional(string, null)
+ s3_bucket_encryption_enabled = optional(bool, null)
+ s3_key_prefix = optional(string, null)
+ }), {})
+ }), {})
+ }), {})
+ })
+ description = <
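Review bot: Both outputs in modules/ecs-cluster/outputs.tf reference `aws_ecs_cluster.this.id` and `.name` without an index, but the resource in modules/ecs-cluster/main.tf is declared with `count = var.create ? 1 : 0`, so Terraform rejects the reference. Index the instance and tolerate the `create = false` case: `value = try(aws_ecs_cluster.this[0].id, null)` and `value = try(aws_ecs_cluster.this[0].name, null)`. Each output would also benefit from a `description`, for example `description = "ID of the ECS cluster, or null when create is false"`.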