Terraform module that creates ECS cluster resources on AWS.

For usage, please see the example at `examples/simple`.

Name | Version |
---|---|
terraform | >= 1.0.0 |
aws | >= 4.00 |

Name | Version |
---|---|
aws | 4.8.0 |

Name | Source | Version |
---|---|---|
application_record | oozou/route53/aws | 1.0.2 |

Name | Type |
---|---|
aws_ecs_capacity_provider.this | resource |
aws_ecs_cluster.this | resource |
aws_ecs_cluster_capacity_providers.this | resource |
aws_iam_role.this | resource |
aws_lb.this | resource |
aws_lb_listener.front_end_https_http_redirect | resource |
aws_lb_listener.http | resource |
aws_security_group.alb | resource |
aws_security_group.ecs_tasks | resource |
aws_security_group_rule.alb_ingress | resource |
aws_security_group_rule.alb_to_tasks | resource |
aws_security_group_rule.ecs_tasks_ingress | resource |
aws_security_group_rule.leaving_alb | resource |
aws_security_group_rule.public_to_alb | resource |
aws_security_group_rule.public_to_alb_http | resource |
aws_security_group_rule.tasks_to_tasks_all | resource |
aws_security_group_rule.tasks_to_world | resource |
aws_service_discovery_private_dns_namespace.internal | resource |

Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_managed_policy_arns | Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, Terraform will ignore policy attachments to this resource. When configured, Terraform will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., managed_policy_arns = []) will cause Terraform to remove all managed policy attachments. | list(string) | [] | no |
additional_security_group_alb_ingress_rules | Map of ingress and any specific/overriding attributes to be created | any | {} | no |
additional_security_group_ingress_rules | Map of ingress and any specific/overriding attributes to be created | any | {} | no |
alb_access_logs_bucket_name | ALB access_logs S3 bucket name. | string | "" | no |
alb_aws_security_group_id | (Required) when is_create_alb_security_group is set to false | string | "" | no |
alb_certificate_arn | Certificate ARN to link with ALB | string | "" | no |
alb_listener_port | The port to listen on the ALB for public services (80/443, default 443) | number | 443 | no |
allow_access_from_principals | A list of Account Numbers, ARNs, and Service Principals that need to access the cluster | list(string) | [] | no |
capacity_provider_asg_config | Auto scaling group ARN for capacity provider EC2 | map(any) | null | no |
default_fixed_response | Map of listener default fixed response | any | { | no |
ecs_task_security_group_id | (Required) when is_create_alb_security_group is set to false | string | "" | no |
enable_deletion_protection | (Optional) If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false. | bool | false | no |
environment | Environment Variable used as a prefix | string | n/a | yes |
fully_qualified_domain_name | The domain name for the ACM cert for attaching to the ALB i.e. *.example.com, www.amazing.com | string | "" | no |
is_create_alb | Whether to create ALB or not | bool | true | no |
is_create_alb_dns_record | Whether to create ALB DNS record or not | bool | true | no |
is_create_alb_security_group | Whether to create ALB security group or not | bool | true | no |
is_create_ecs_task_security_group | Whether to create ECS tasks security group or not | bool | true | no |
is_create_role | Whether to create ECS role or not | bool | true | no |
is_enable_access_log | Boolean to enable / disable access_logs. Defaults to false, even when bucket is specified. | bool | false | no |
is_enable_container_insights | Whether to enable CloudWatch Container Insights for the cluster. | bool | true | no |
is_ignore_unsecured_connection | Whether to bypass the HTTPS endpoint requirement or not | bool | false | no |
is_public_alb | Flag for Internal/Public ALB. ALB in production env should be public | bool | false | no |
name | Name of the ECS cluster to create | string | n/a | yes |
prefix | The prefix name of customer to be displayed in AWS console and resource | string | n/a | yes |
private_subnet_ids | Private subnets for container deployment | list(string) | [] | no |
public_subnet_ids | Public subnets for AWS Application Load Balancer deployment | list(string) | [] | no |
route53_hosted_zone_name | The domain name in Route53 to fetch the hosted zone, i.e. example.com, mango-dev.blue.cloud | string | "" | no |
tags | Custom tags which can be passed on to the AWS resources. They should be key value pairs having distinct keys | map(any) | {} | no |
vpc_id | VPC to deploy the cluster in | string | n/a | yes |

Name | Description |
---|---|
alb_arn | ARN of alb |
alb_dns_name | The DNS name of the load balancer. |
alb_id | ID of alb |
alb_listener_http_arn | ARN of the listener (matches id). |
alb_listener_https_redirect_arn | ARN of the listener (matches id). |
capacity_provider_name | Name of capacity provider. |
ecs_access_role_arn | Amazon Resource Name (ARN) specifying the role. |
ecs_cluster_arn | ARN that identifies the cluster. |
ecs_cluster_id | ID that identifies the cluster. |
ecs_cluster_name | Name of the cluster |
ecs_task_security_group_id | ID of the security group rule. |
service_discovery_namespace | The ID of a namespace. |
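
The inputs above that decide the ALB's exposure, transport and logging, set explicitly in one module call. This is an added example, not code from the module or its `examples/simple`; the `source` path and every ID, ARN, bucket and tag value are constructed placeholders.

```hcl
# Added example. All IDs, ARNs and names are constructed placeholders.
module "ecs_cluster" {
  source = "../../" # assumption: module root as seen from examples/simple

  # Required inputs
  prefix      = "acme"
  environment = "prod"
  name        = "web"
  vpc_id      = "vpc-0123456789abcdef0"

  private_subnet_ids = ["subnet-0aaaaaaaaaaaaaaa1", "subnet-0aaaaaaaaaaaaaaa2"]
  public_subnet_ids  = ["subnet-0bbbbbbbbbbbbbbb1", "subnet-0bbbbbbbbbbbbbbb2"]

  # Exposure: is_public_alb defaults to false (internal ALB). Setting it to
  # true is a deliberate choice to publish the service.
  is_create_alb = true
  is_public_alb = true

  # Transport: keep the default listener port 443 and attach a certificate.
  alb_listener_port   = 443
  alb_certificate_arn = "arn:aws:acm:us-east-1:111122223333:certificate/00000000-0000-0000-0000-000000000000"

  # false is the default; stated here so a later change to true, which
  # bypasses the HTTPS requirement, shows up in review.
  is_ignore_unsecured_connection = false

  # Logging: a bucket name alone does not enable access logs, because
  # is_enable_access_log defaults to false. Set both.
  is_enable_access_log        = true
  alb_access_logs_bucket_name = "example-alb-access-logs"

  # Block deletion of the load balancer through the AWS API.
  enable_deletion_protection = true

  # DNS record creation is switched off to keep this example to the ALB itself.
  is_create_alb_dns_record = false

  tags = { Owner = "platform-team" }
}

# Outputs documented in the table above, re-exported for service modules.
output "alb_dns_name" {
  value = module.ecs_cluster.alb_dns_name
}

output "ecs_task_security_group_id" {
  value = module.ecs_cluster.ecs_task_security_group_id
}
```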