From fb8edab85401714c4061a907a7dfe7af1b9c0f09 Mon Sep 17 00:00:00 2001 From: Phillip Shipley Date: Fri, 19 Jan 2018 14:21:36 -0500 Subject: [PATCH 1/9] add support for network load balancers --- aws/alb/README.md | 1 + aws/alb/main.tf | 9 +++++---- aws/alb/vars.tf | 4 ++++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/aws/alb/README.md b/aws/alb/README.md index 00c0501..32a637a 100644 --- a/aws/alb/README.md +++ b/aws/alb/README.md @@ -30,6 +30,7 @@ groups for traffic and a default target group. - `healthy_threshold` - Default: `5` - `unhealthy_threshold` - Default: `2` - `health_check_status_codes` - Default: `200`, separate multiple values with comma, ex: `200,204` + - `load_balancer_type` - Options: `application` or `network`. Default: `application` ## Outputs diff --git a/aws/alb/main.tf b/aws/alb/main.tf index 81febf7..c5aa244 100644 --- a/aws/alb/main.tf +++ b/aws/alb/main.tf @@ -2,10 +2,11 @@ * Create application load balancer */ resource "aws_alb" "alb" { - name = "${coalesce(var.alb_name, "alb-${var.app_name}-${var.app_env}")}" - internal = "${var.internal}" - security_groups = ["${var.security_groups}"] - subnets = ["${var.subnets}"] + name = "${coalesce(var.alb_name, "alb-${var.app_name}-${var.app_env}")}" + internal = "${var.internal}" + security_groups = ["${var.security_groups}"] + subnets = ["${var.subnets}"] + load_balancer_type = "${var.load_balancer_type}" tags { Name = "${coalesce(var.alb_name, "alb-${var.app_name}-${var.app_env}")}" diff --git a/aws/alb/vars.tf b/aws/alb/vars.tf index d1ce448..43ac985 100644 --- a/aws/alb/vars.tf +++ b/aws/alb/vars.tf @@ -101,3 +101,7 @@ variable "unhealthy_threshold" { variable "health_check_status_codes" { default = "200" } + +variable "load_balancer_type" { + default = "application" +} From f8f5af8272074bb330be383ba1c48c0880796bbf Mon Sep 17 00:00:00 2001 From: Phillip Shipley Date: Fri, 9 Feb 2018 12:46:50 -0500 Subject: [PATCH 2/9] update alb security policy --- aws/alb/vars.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/alb/vars.tf b/aws/alb/vars.tf index 43ac985..135dc79 100644 --- a/aws/alb/vars.tf +++ b/aws/alb/vars.tf @@ -61,7 +61,7 @@ variable "internal" { variable "ssl_policy" { type = "string" - default = "ELBSecurityPolicy-2015-05" + default = "ELBSecurityPolicy-2016-08" } variable "tg_name" { From db31556ec3e7a5c071360b321210985cd5cb5a02 Mon Sep 17 00:00:00 2001 From: Phillip Shipley Date: Mon, 19 Feb 2018 11:45:05 -0500 Subject: [PATCH 3/9] add parameter_group_name option for mariadb --- aws/rds/mariadb/main.tf | 1 + aws/rds/mariadb/vars.tf | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/aws/rds/mariadb/main.tf b/aws/rds/mariadb/main.tf index 0f172b6..ad1a9dc 100644 --- a/aws/rds/mariadb/main.tf +++ b/aws/rds/mariadb/main.tf @@ -15,6 +15,7 @@ resource "aws_db_instance" "db_instance" { publicly_accessible = false vpc_security_group_ids = ["${var.security_groups}"] skip_final_snapshot = "${var.skip_final_snapshot}" + parameter_group_name = "${var.parameter_group_name}" tags { Name = "${var.app_name}-${var.app_env}" diff --git a/aws/rds/mariadb/vars.tf b/aws/rds/mariadb/vars.tf index 8085aec..b72a564 100644 --- a/aws/rds/mariadb/vars.tf +++ b/aws/rds/mariadb/vars.tf @@ -76,3 +76,8 @@ variable "skip_final_snapshot" { type = "string" default = true } + +variable "parameter_group_name" { + type = "string" + default = "" +} From 344efd7b23c231410304b2118ffe4884588c1e1c Mon Sep 17 00:00:00 2001 From: Phillip Shipley Date: Mon, 12 Mar 2018 09:57:20 -0400 Subject: [PATCH 4/9] add ecs-service-only-with-volume --- aws/ecs/service-only-with-volume/README.md | 59 +++++++++++++ aws/ecs/service-only-with-volume/main.tf | 48 +++++++++++ aws/ecs/service-only-with-volume/outputs.tf | 41 +++++++++ aws/ecs/service-only-with-volume/vars.tf | 94 +++++++++++++++++++++ 4 files changed, 242 insertions(+) create mode 100644 aws/ecs/service-only-with-volume/README.md create mode 100644 aws/ecs/service-only-with-volume/main.tf create mode 100644 aws/ecs/service-only-with-volume/outputs.tf create mode 100644 aws/ecs/service-only-with-volume/vars.tf diff --git a/aws/ecs/service-only-with-volume/README.md b/aws/ecs/service-only-with-volume/README.md new file mode 100644 index 0000000..7fdc207 --- /dev/null +++ b/aws/ecs/service-only-with-volume/README.md @@ -0,0 +1,59 @@ +# aws/ecs/service-only - EC2 Container Service Service/Task +This module is used to create an ECS service as well as task definition + +## What this does + + - Create IAM role: `ecsServiceRole` + - Create task definition + - Create service + +## Required Inputs + + - `cluster_id` - ID for ECS Cluster + - `service_name` - Name of service, all lowercase, no spaces. + - `service_env` - Name of environment, used in naming task definition. Ex: `staging` + - `container_def_json` - JSON for container definition. + - `desired_count` - Number of tasks to run in service + - `tg_arn` - Target Group ARN for ALB to register with + - `lb_container_name` - Container name from `container_def_json` that should be used with target group / alb + - `lb_container_port` - Container port that should be used with target group / alb + - `ecsServiceRole_arn` - ARN to IAM ecsServiceRole + - `volume_name` - Name for volume + - `volume_host_path` - Path on host EC2 instance to mount volume + +### Optional Inputs + + - `task_role_arn` - ARN for role to assign to task definition. Default: `blank` + - `network_mode` - Networking mode for task. Default: `bridge` + - `deployment_maximum_percent` - Upper limit of tasks that can run during a deployment. Default: `200`% + - `deployment_minimum_healthy_percent` - Lower limit of tasks that must be running during a deployment. Default: `50`% + +## Outputs + + - `task_def_arn` - ARN for task definition. + - `task_def_family` - Family name of task definition. + - `task_def_revision` - Revision number of task definition. + - `service_id` - ID/ARN for service + - `service_name` - Name of service + - `service_cluster` - Name of ECS cluster service was placed in + - `service_role` - IAM role for service + - `service_desired_count` - Desired task count for service + +## Usage Example + +```hcl +module "ecsservice" { + source = "github.com/silinternational/terraform-modules//aws/ecs/service-only" + cluster_id = "${module.ecscluster.ecs_cluster_id}" + service_name = "${var.app_name}" + service_env = "${var.app_env}" + container_def_json = "${file("task-definition.json")}" + desired_count = 2 + tg_arn = "${data.terraform_remote_state.cluster.alb_default_tg_arn}" + lb_container_name = "app" + lb_container_port = 80 + ecsServiceRole_arn = "${data.terraform_remote_state.core.ecsServiceRole_arn}" + volume_name = "${var.volume_name}" + volume_host_path = "${var.volume_host_path}" +} +``` diff --git a/aws/ecs/service-only-with-volume/main.tf b/aws/ecs/service-only-with-volume/main.tf new file mode 100644 index 0000000..1cc244e --- /dev/null +++ b/aws/ecs/service-only-with-volume/main.tf @@ -0,0 +1,48 @@ +/* + * Get task definition data + */ +data "aws_ecs_task_definition" "td" { + task_definition = "${aws_ecs_task_definition.td.family}" + depends_on = ["aws_ecs_task_definition.td"] +} + +/* + * Create task definition + */ +resource "aws_ecs_task_definition" "td" { + family = "${var.service_name}-${var.service_env}" + container_definitions = "${var.container_def_json}" + task_role_arn = "${var.task_role_arn}" + network_mode = "${var.network_mode}" + + volume { + name = "${var.volume_name}" + host_path = "${var.volume_host_path}" + } +} + +/* + * Create ECS Service + */ +resource "aws_ecs_service" "service" { + name = "${var.service_name}" + cluster = "${var.cluster_id}" + desired_count = "${var.desired_count}" + iam_role = "${var.ecsServiceRole_arn}" + deployment_maximum_percent = "${var.deployment_maximum_percent}" + deployment_minimum_healthy_percent = "${var.deployment_minimum_healthy_percent}" + + placement_strategy { + type = "spread" + field = "instanceId" + } + + load_balancer { + target_group_arn = "${var.tg_arn}" + container_name = "${var.lb_container_name}" + container_port = "${var.lb_container_port}" + } + + # Track the latest ACTIVE revision + task_definition = "${aws_ecs_task_definition.td.family}:${max("${aws_ecs_task_definition.td.revision}", "${data.aws_ecs_task_definition.td.revision}")}" +} diff --git a/aws/ecs/service-only-with-volume/outputs.tf b/aws/ecs/service-only-with-volume/outputs.tf new file mode 100644 index 0000000..bd6cedd --- /dev/null +++ b/aws/ecs/service-only-with-volume/outputs.tf @@ -0,0 +1,41 @@ +/* + * Task definition outputs + */ +output "task_def_arn" { + value = "${aws_ecs_task_definition.td.arn}" +} + +output "task_def_family" { + value = "${aws_ecs_task_definition.td.family}" +} + +output "task_def_revision" { + value = "${aws_ecs_task_definition.td.revision}" +} + +output "task_def_revision_via_data" { + value = "${data.aws_ecs_task_definition.td.revision}" +} + +/* + * Service outputs + */ +output "service_id" { + value = "${aws_ecs_service.service.id}" +} + +output "service_name" { + value = "${aws_ecs_service.service.name}" +} + +output "service_cluster" { + value = "${aws_ecs_service.service.cluster}" +} + +output "service_role" { + value = "${aws_ecs_service.service.iam_role}" +} + +output "service_desired_count" { + value = "${aws_ecs_service.service.desired_count}" +} diff --git a/aws/ecs/service-only-with-volume/vars.tf b/aws/ecs/service-only-with-volume/vars.tf new file mode 100644 index 0000000..0811627 --- /dev/null +++ b/aws/ecs/service-only-with-volume/vars.tf @@ -0,0 +1,94 @@ +/* + * Required Variables + */ +variable "cluster_id" { + type = "string" +} + +variable "service_name" { + type = "string" +} + +variable "service_env" { + type = "string" +} + +variable "container_def_json" { + type = "string" +} + +variable "desired_count" { + type = "string" +} + +variable "lb_container_name" { + type = "string" +} + +variable "lb_container_port" { + type = "string" +} + +variable "tg_arn" { + type = "string" +} + +variable "ecsServiceRole_arn" { + type = "string" +} + +variable "volume_name" { + type = "string" +} + +variable "volume_host_path" { + type = "string" +} + +/* + * Optional Variables + */ +variable "port" { + type = "string" + default = 80 +} + +variable "protocol" { + type = "string" + default = "HTTP" +} + +variable "access_logs_enabled" { + type = "string" + default = "false" +} + +variable "access_logs_bucket" { + type = "string" + default = "" +} + +variable "ssl_policy" { + type = "string" + default = "ELBSecurityPolicy-2015-05" +} + +variable "task_role_arn" { + type = "string" + default = "" +} + +variable "network_mode" { + type = "string" + default = "bridge" +} + +variable "deployment_maximum_percent" { + type = "string" + default = 200 +} + +variable "deployment_minimum_healthy_percent" { + type = "string" + default = 50 +} From ebc6d5477384d1790cf8ba278561159b0181c079 Mon Sep 17 00:00:00 2001 From: Dale Newby Date: Tue, 20 Mar 2018 16:51:56 -0400 Subject: [PATCH 5/9] added service-no-alb-with-volume --- aws/ecs/service-no-alb-with-volume/README.md | 50 ++++++++++++ aws/ecs/service-no-alb-with-volume/main.tf | 41 ++++++++++ aws/ecs/service-no-alb-with-volume/outputs.tf | 37 +++++++++ aws/ecs/service-no-alb-with-volume/vars.tf | 78 +++++++++++++++++++ 4 files changed, 206 insertions(+) create mode 100644 aws/ecs/service-no-alb-with-volume/README.md create mode 100644 aws/ecs/service-no-alb-with-volume/main.tf create mode 100644 aws/ecs/service-no-alb-with-volume/outputs.tf create mode 100644 aws/ecs/service-no-alb-with-volume/vars.tf diff --git a/aws/ecs/service-no-alb-with-volume/README.md b/aws/ecs/service-no-alb-with-volume/README.md new file mode 100644 index 0000000..5f30f00 --- /dev/null +++ b/aws/ecs/service-no-alb-with-volume/README.md @@ -0,0 +1,50 @@ +# aws/ecs/service-no-alb - EC2 Container Service Service/Task without load balancer +This module is used to create an ECS service as well as task definition + +## What this does + + - Create task definition + - Create service + +## Required Inputs + + - `cluster_id` - ID for ECS Cluster + - `service_name` - Name of service, all lowercase, no spaces. + - `service_env` - Name of environment, used in naming task definition. Ex: `staging` + - `container_def_json` - JSON for container definition. + - `desired_count` - Number of tasks to run in service + - `volume_name` - Name for volume + - `volume_host_path` - Path on host EC2 instance to mount volume + +### Optional Inputs + + - `task_role_arn` - ARN for role to assign to task definition. Default: `blank` + - `network_mode` - Networking mode for task. Default: `bridge` + - `deployment_maximum_percent` - Upper limit of tasks that can run during a deployment. Default: `200`% + - `deployment_minimum_healthy_percent` - Lower limit of tasks that must be running during a deployment. Default: `50`% + +## Outputs + + - `task_def_arn` - ARN for task definition. + - `task_def_family` - Family name of task definition. + - `task_def_revision` - Revision number of task definition. + - `service_id` - ID/ARN for service + - `service_name` - Name of service + - `service_cluster` - Name of ECS cluster service was placed in + - `service_role` - IAM role for service + - `service_desired_count` - Desired task count for service + +## Usage Example + +```hcl +module "ecsservice" { + source = "github.com/silinternational/terraform-modules//aws/ecs/service-no-alb-with-volume" + cluster_id = "${module.ecscluster.ecs_cluster_id}" + service_name = "${var.app_name}" + service_env = "${var.app_env}" + container_def_json = "${file("task-definition.json")}" + desired_count = 2 + volume_name = "${var.volume_name}" + volume_host_path = "${var.volume_host_path}" +} +``` diff --git a/aws/ecs/service-no-alb-with-volume/main.tf b/aws/ecs/service-no-alb-with-volume/main.tf new file mode 100644 index 0000000..9896c42 --- /dev/null +++ b/aws/ecs/service-no-alb-with-volume/main.tf @@ -0,0 +1,41 @@ +/* + * Get task definition data + */ +data "aws_ecs_task_definition" "td" { + task_definition = "${aws_ecs_task_definition.td.family}" + depends_on = ["aws_ecs_task_definition.td"] +} + +/* + * Create task definition + */ +resource "aws_ecs_task_definition" "td" { + family = "${var.service_name}-${var.service_env}" + container_definitions = "${var.container_def_json}" + task_role_arn = "${var.task_role_arn}" + network_mode = "${var.network_mode}" + + volume { + name = "${var.volume_name}" + host_path = "${var.volume_host_path}" + } +} + +/* + * Create ECS Service + */ +resource "aws_ecs_service" "service" { + name = "${var.service_name}" + cluster = "${var.cluster_id}" + desired_count = "${var.desired_count}" + deployment_maximum_percent = "${var.deployment_maximum_percent}" + deployment_minimum_healthy_percent = "${var.deployment_minimum_healthy_percent}" + + placement_strategy { + type = "spread" + field = "instanceId" + } + + # Track the latest ACTIVE revision + task_definition = "${aws_ecs_task_definition.td.family}:${max("${aws_ecs_task_definition.td.revision}", "${data.aws_ecs_task_definition.td.revision}")}" +} diff --git a/aws/ecs/service-no-alb-with-volume/outputs.tf b/aws/ecs/service-no-alb-with-volume/outputs.tf new file mode 100644 index 0000000..c691a17 --- /dev/null +++ b/aws/ecs/service-no-alb-with-volume/outputs.tf @@ -0,0 +1,37 @@ +/* + * Task definition outputs + */ +output "task_def_arn" { + value = "${aws_ecs_task_definition.td.arn}" +} + +output "task_def_family" { + value = "${aws_ecs_task_definition.td.family}" +} + +output "task_def_revision" { + value = "${aws_ecs_task_definition.td.revision}" +} + +output "task_def_revision_via_data" { + value = "${data.aws_ecs_task_definition.td.revision}" +} + +/* + * Service outputs + */ +output "service_id" { + value = "${aws_ecs_service.service.id}" +} + +output "service_name" { + value = "${aws_ecs_service.service.name}" +} + +output "service_cluster" { + value = "${aws_ecs_service.service.cluster}" +} + +output "service_desired_count" { + value = "${aws_ecs_service.service.desired_count}" +} diff --git a/aws/ecs/service-no-alb-with-volume/vars.tf b/aws/ecs/service-no-alb-with-volume/vars.tf new file mode 100644 index 0000000..90a1158 --- /dev/null +++ b/aws/ecs/service-no-alb-with-volume/vars.tf @@ -0,0 +1,78 @@ +/* + * Required Variables + */ +variable "cluster_id" { + type = "string" +} + +variable "service_name" { + type = "string" +} + +variable "service_env" { + type = "string" +} + +variable "container_def_json" { + type = "string" +} + +variable "desired_count" { + type = "string" +} + +variable "volume_name" { + type = "string" +} + +variable "volume_host_path" { + type = "string" +} + +/* + * Optional Variables + */ +variable "port" { + type = "string" + default = 80 +} + +variable "protocol" { + type = "string" + default = "HTTP" +} + +variable "access_logs_enabled" { + type = "string" + default = "false" +} + +variable "access_logs_bucket" { + type = "string" + default = "" +} + +variable "ssl_policy" { + type = "string" + default = "ELBSecurityPolicy-2015-05" +} + +variable "task_role_arn" { + type = "string" + default = "" +} + +variable "network_mode" { + type = "string" + default = "bridge" +} + +variable "deployment_maximum_percent" { + type = "string" + default = 200 +} + +variable "deployment_minimum_healthy_percent" { + type = "string" + default = 50 +} From 83bef070661db50386292751575548bbf23ffbe1 Mon Sep 17 00:00:00 2001 From: Dale Newby Date: Mon, 26 Mar 2018 11:49:33 -0400 Subject: [PATCH 6/9] add key_name to launch configuration --- aws/asg/README.md | 4 ++++ aws/asg/main.tf | 1 + aws/asg/vars.tf | 5 +++++ 3 files changed, 10 insertions(+) diff --git a/aws/asg/README.md b/aws/asg/README.md index 2d0da9c..4469079 100644 --- a/aws/asg/README.md +++ b/aws/asg/README.md @@ -18,6 +18,10 @@ an auto scaling group that uses the configuration. - `ecs_instance_profile_id` - IAM profile ID for ecsInstanceProfile - `ecs_cluster_name` - ECS cluster name for registering instances +## Optional Inputs + + - `key_name` - Name of the AWS key pair to allow ssh access, default is "" + ## Outputs - `ecs_cluster_name` - The ECS cluster name diff --git a/aws/asg/main.tf b/aws/asg/main.tf index 6b5011e..26b9929 100644 --- a/aws/asg/main.tf +++ b/aws/asg/main.tf @@ -17,6 +17,7 @@ resource "aws_launch_configuration" "as_conf" { instance_type = "${var.aws_instance["instance_type"]}" security_groups = ["${var.default_sg_id}"] iam_instance_profile = "${var.ecs_instance_profile_id}" + key_name = "${var.key_name}" root_block_device { volume_size = "${var.aws_instance["volume_size"]}" diff --git a/aws/asg/vars.tf b/aws/asg/vars.tf index 1f06780..37ea90f 100644 --- a/aws/asg/vars.tf +++ b/aws/asg/vars.tf @@ -40,3 +40,8 @@ variable "ecs_instance_profile_id" { variable "ecs_cluster_name" { type = "string" } + +variable "key_name" { + type = "string" + default = "" +} From d73ff87349a62c8bd468b9ec7ac239bf706b24f8 Mon Sep 17 00:00:00 2001 From: Phillip Shipley Date: Thu, 5 Apr 2018 16:01:44 -0400 Subject: [PATCH 7/9] updates based on PR feedback --- aws/ecs/service-no-alb-with-volume/README.md | 2 +- aws/ecs/service-no-alb-with-volume/vars.tf | 25 -------------------- aws/ecs/service-no-alb/vars.tf | 2 +- aws/ecs/service-only-with-volume/README.md | 1 + aws/ecs/service-only-with-volume/vars.tf | 24 ------------------- aws/ecs/service-only/vars.tf | 2 +- 6 files changed, 4 insertions(+), 52 deletions(-) diff --git a/aws/ecs/service-no-alb-with-volume/README.md b/aws/ecs/service-no-alb-with-volume/README.md index 5f30f00..fd56e16 100644 --- a/aws/ecs/service-no-alb-with-volume/README.md +++ b/aws/ecs/service-no-alb-with-volume/README.md @@ -28,10 +28,10 @@ This module is used to create an ECS service as well as task definition - `task_def_arn` - ARN for task definition. - `task_def_family` - Family name of task definition. - `task_def_revision` - Revision number of task definition. + - `task_def_revision_via_data` - Revision number of task def via data resource - `service_id` - ID/ARN for service - `service_name` - Name of service - `service_cluster` - Name of ECS cluster service was placed in - - `service_role` - IAM role for service - `service_desired_count` - Desired task count for service ## Usage Example diff --git a/aws/ecs/service-no-alb-with-volume/vars.tf b/aws/ecs/service-no-alb-with-volume/vars.tf index 90a1158..1e32d6e 100644 --- a/aws/ecs/service-no-alb-with-volume/vars.tf +++ b/aws/ecs/service-no-alb-with-volume/vars.tf @@ -32,31 +32,6 @@ variable "volume_host_path" { /* * Optional Variables */ -variable "port" { - type = "string" - default = 80 -} - -variable "protocol" { - type = "string" - default = "HTTP" -} - -variable "access_logs_enabled" { - type = "string" - default = "false" -} - -variable "access_logs_bucket" { - type = "string" - default = "" -} - -variable "ssl_policy" { - type = "string" - default = "ELBSecurityPolicy-2015-05" -} - variable "task_role_arn" { type = "string" default = "" diff --git a/aws/ecs/service-no-alb/vars.tf b/aws/ecs/service-no-alb/vars.tf index 32a7005..ab59f83 100644 --- a/aws/ecs/service-no-alb/vars.tf +++ b/aws/ecs/service-no-alb/vars.tf @@ -46,7 +46,7 @@ variable "access_logs_bucket" { variable "ssl_policy" { type = "string" - default = "ELBSecurityPolicy-2015-05" + default = "ELBSecurityPolicy-2016-08" } variable "task_role_arn" { diff --git a/aws/ecs/service-only-with-volume/README.md b/aws/ecs/service-only-with-volume/README.md index 7fdc207..65d9baa 100644 --- a/aws/ecs/service-only-with-volume/README.md +++ b/aws/ecs/service-only-with-volume/README.md @@ -33,6 +33,7 @@ This module is used to create an ECS service as well as task definition - `task_def_arn` - ARN for task definition. - `task_def_family` - Family name of task definition. - `task_def_revision` - Revision number of task definition. + - `task_def_revision_via_data` - Task def revision from data resource - `service_id` - ID/ARN for service - `service_name` - Name of service - `service_cluster` - Name of ECS cluster service was placed in diff --git a/aws/ecs/service-only-with-volume/vars.tf b/aws/ecs/service-only-with-volume/vars.tf index 0811627..9c18c2c 100644 --- a/aws/ecs/service-only-with-volume/vars.tf +++ b/aws/ecs/service-only-with-volume/vars.tf @@ -48,30 +48,6 @@ variable "volume_host_path" { /* * Optional Variables */ -variable "port" { - type = "string" - default = 80 -} - -variable "protocol" { - type = "string" - default = "HTTP" -} - -variable "access_logs_enabled" { - type = "string" - default = "false" -} - -variable "access_logs_bucket" { - type = "string" - default = "" -} - -variable "ssl_policy" { - type = "string" - default = "ELBSecurityPolicy-2015-05" -} variable "task_role_arn" { type = "string" diff --git a/aws/ecs/service-only/vars.tf b/aws/ecs/service-only/vars.tf index d194a0c..2fc80d4 100644 --- a/aws/ecs/service-only/vars.tf +++ b/aws/ecs/service-only/vars.tf @@ -62,7 +62,7 @@ variable "access_logs_bucket" { variable "ssl_policy" { type = "string" - default = "ELBSecurityPolicy-2015-05" + default = "ELBSecurityPolicy-2016-08" } variable "task_role_arn" { From d7d302b279cc5a32af408f0e1ac5f13aa6263394 Mon Sep 17 00:00:00 2001 From: Dale Newby Date: Thu, 5 Apr 2018 16:55:09 -0400 Subject: [PATCH 8/9] make README.md files more consistent --- aws/ecs/service-no-alb-with-volume/README.md | 2 +- aws/ecs/service-no-alb/README.md | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/aws/ecs/service-no-alb-with-volume/README.md b/aws/ecs/service-no-alb-with-volume/README.md index fd56e16..9f1713d 100644 --- a/aws/ecs/service-no-alb-with-volume/README.md +++ b/aws/ecs/service-no-alb-with-volume/README.md @@ -1,4 +1,4 @@ -# aws/ecs/service-no-alb - EC2 Container Service Service/Task without load balancer +# aws/ecs/service-no-alb-with-volume - EC2 Container Service Service/Task without load balancer with volume This module is used to create an ECS service as well as task definition ## What this does diff --git a/aws/ecs/service-no-alb/README.md b/aws/ecs/service-no-alb/README.md index efc50e7..fa48753 100644 --- a/aws/ecs/service-no-alb/README.md +++ b/aws/ecs/service-no-alb/README.md @@ -26,21 +26,21 @@ This module is used to create an ECS service as well as task definition - `task_def_arn` - ARN for task definition. - `task_def_family` - Family name of task definition. - `task_def_revision` - Revision number of task definition. + - `task_def_revision_via_data` - Revision number of task def via data resource - `service_id` - ID/ARN for service - `service_name` - Name of service - `service_cluster` - Name of ECS cluster service was placed in - - `service_role` - IAM role for service - `service_desired_count` - Desired task count for service ## Usage Example ```hcl module "ecsservice" { - source = "github.com/silinternational/terraform-modules//aws/ecs/service-no-alb" - cluster_id = "${module.ecscluster.ecs_cluster_id}" - service_name = "${var.app_name}" - service_env = "${var.app_env}" + source = "github.com/silinternational/terraform-modules//aws/ecs/service-no-alb" + cluster_id = "${module.ecscluster.ecs_cluster_id}" + service_name = "${var.app_name}" + service_env = "${var.app_env}" container_def_json = "${file("task-definition.json")}" - desired_count = 2 + desired_count = 2 } ``` From dddb39aecdb352b29f956952a30c17c0c2c9825a Mon Sep 17 00:00:00 2001 From: Dale Newby Date: Fri, 6 Apr 2018 08:51:20 -0400 Subject: [PATCH 9/9] remove unused variables --- aws/ecs/service-no-alb/vars.tf | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/aws/ecs/service-no-alb/vars.tf b/aws/ecs/service-no-alb/vars.tf index ab59f83..2911d15 100644 --- a/aws/ecs/service-no-alb/vars.tf +++ b/aws/ecs/service-no-alb/vars.tf @@ -24,31 +24,6 @@ variable "desired_count" { /* * Optional Variables */ -variable "port" { - type = "string" - default = 80 -} - -variable "protocol" { - type = "string" - default = "HTTP" -} - -variable "access_logs_enabled" { - type = "string" - default = "false" -} - -variable "access_logs_bucket" { - type = "string" - default = "" -} - -variable "ssl_policy" { - type = "string" - default = "ELBSecurityPolicy-2016-08" -} - variable "task_role_arn" { type = "string" default = ""