{"id":19508915,"url":"https://github.com/rhythmictech/terraform-aws-ecs-cluster","last_synced_at":"2025-04-26T03:31:48.445Z","repository":{"id":34992584,"uuid":"193568101","full_name":"rhythmictech/terraform-aws-ecs-cluster","owner":"rhythmictech","description":"Create an ECS cluster in AWS fronted by an ALB","archived":false,"fork":false,"pushed_at":"2022-08-23T22:01:09.000Z","size":42,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-04T07:11:25.175Z","etag":null,"topics":["alb","aws","ecs","ecs-cluster","terraform","terraform-module","terraform-modules"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/rhythmictech/ecs-cluster/aws","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rhythmictech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null}},"created_at":"2019-06-24T19:41:25.000Z","updated_at":"2022-08-27T22:42:56.000Z","dependencies_parsed_at":"2022-08-08T03:15:54.417Z","dependency_job_id":null,"html_url":"https://github.com/rhythmictech/terraform-aws-ecs-cluster","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-ecs-cluster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-ecs-cluster/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-ecs-cluster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-ecs-cluster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rhythmictech","download_url":"https://codeload.github.com/rhythmictech/terraform-aws-ecs-cluster/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250926819,"owners_count":21509044,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alb","aws","ecs","ecs-cluster","terraform","terraform-module","terraform-modules"],"created_at":"2024-11-10T23:10:21.454Z","updated_at":"2025-04-26T03:31:48.203Z","avatar_url":"https://github.com/rhythmictech.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-ecs-cluster\n[![pre-commit-check](https://github.com/rhythmictech/terraform-aws-ecs-cluster/workflows/pre-commit-check/badge.svg)](https://github.com/rhythmictech/terraform-aws-ecs-cluster/actions)\n[![GitHub release (latest by date)](https://img.shields.io/github/v/release/rhythmictech/terraform-aws-ecs-cluster)](https://github.com/rhythmictech/terraform-aws-ecs-cluster/releases)\n\u003cimg src=\"https://img.shields.io/twitter/follow/RhythmicTech?style=social\u0026logo=twitter\" alt=\"follow on Twitter\"\u003e\u003c/a\u003e\n\n## How to use this module\n\n### Required Variables\n* `vpc_id`: ID of vpc to create resources in\n* `alb_subnet_ids`: Subnets the ALB will listen on (public subnets)\n\n### Recommended Variables\n* `instance_policy_document`: An object created by the `aws_iam_policy_document` datasource\n  * purpose: additional IAM permissions to be granted to cluster nodes\n  * default: empty document\n* `name`: common name for resources created by this module (included in tags)\n\n### Additional Requirements\n* Security Group Rules will need to be granted to the ALB and instances using `aws_security_group_rule` resources\n  Example:\n  ```terraform\n  resource \"aws_security_group_rule\" \"ecs_alb_ingress_80\" {\n    security_group_id = module.ecs_cluster.alb-sg-id\n    type              = \"ingress\"\n    from_port         = 80\n    to_port           = 80\n    protocol          = \"tcp\"\n    cidr_blocks       = [\"0.0.0.0/0\"]\n  }\n\n  resource \"aws_security_group_rule\" \"ecs_alb_ingress_443\" {\n    security_group_id = module.ecs_cluster.alb-sg-id\n    type              = \"ingress\"\n    from_port         = 443\n    to_port           = 443\n    protocol          = \"tcp\"\n    cidr_blocks       = [\"0.0.0.0/0\"]\n  }\n\n  resource \"aws_security_group_rule\" \"ecs_alb_egress\" {\n    security_group_id = module.ecs_cluster.alb-sg-id\n    type              = \"egress\"\n    from_port         = 0\n    to_port           = 0\n    protocol          = \"-1\"\n    cidr_blocks       = [\"${var.cidr_block[terraform.workspace]}\"]\n  }\n\n  resource \"aws_security_group_rule\" \"ecs_ec2_ingress_from_alb\" {\n    security_group_id        = module.ecs_cluster.ec2-sg-id\n    type                     = \"ingress\"\n    from_port                = 0\n    to_port                  = 0\n    protocol                 = \"-1\"\n    source_security_group_id = module.ecs_cluster.alb-sg-id\n  }\n\n  resource \"aws_security_group_rule\" \"ecs_ec2_egress\" {\n    security_group_id = module.ecs_cluster.ec2-sg-id\n    type              = \"egress\"\n    from_port         = 0\n    to_port           = 0\n    protocol          = \"-1\"\n    cidr_blocks       = [\"0.0.0.0/0\"]\n  }\n  ```\n\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 0.12.19 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 2.40 |\n| \u003ca name=\"requirement_template\"\u003e\u003c/a\u003e [template](#requirement\\_template) | ~\u003e 2.1 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | \u003e= 2.40 |\n| \u003ca name=\"provider_template\"\u003e\u003c/a\u003e [template](#provider\\_template) | ~\u003e 2.1 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_alb.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/alb) | resource |\n| [aws_cloudformation_stack.ecs_asg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack) | resource |\n| [aws_ecs_cluster.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |\n| [aws_iam_instance_profile.ecs_instance_profile](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |\n| [aws_iam_role.ecs_instance_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy.ecs_instance_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |\n| [aws_iam_role_policy_attachment.ecs_instance_role_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_launch_configuration.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration) | resource |\n| [aws_security_group.ecs_alb_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group.ecs_ec2_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.alb_egress_to_ec2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.alb_ingress_from_ec2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.ecs_ec2_egress_to_alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.ecs_ec2_ingress_from_alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.ecs_ec2_to_self](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.self_to_ecs_ec2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_vpc_endpoint.ec2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |\n| [aws_ami.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |\n| [aws_iam_policy_document.ecs_instance_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n| [template_file.asg_cfn](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_alb_subnet_ids\"\u003e\u003c/a\u003e [alb\\_subnet\\_ids](#input\\_alb\\_subnet\\_ids) | Subnets ALB will listen on | `list(string)` | n/a | yes |\n| \u003ca name=\"input_ami_id\"\u003e\u003c/a\u003e [ami\\_id](#input\\_ami\\_id) | ECS AMI ID, defaults to latest Amazon-provided image (`name_regex = ^amzn2-ami-ecs-hvm-.*-x86_64-ebs`) | `string` | `\"\"` | no |\n| \u003ca name=\"input_asg_health_check_type\"\u003e\u003c/a\u003e [asg\\_health\\_check\\_type](#input\\_asg\\_health\\_check\\_type) | Check instance health with EC2 or ELB checks | `string` | `\"EC2\"` | no |\n| \u003ca name=\"input_asg_max_size\"\u003e\u003c/a\u003e [asg\\_max\\_size](#input\\_asg\\_max\\_size) | Maximum batch size for ASG rolling updates. Setting this to 0 will prevent ASG creation | `string` | n/a | yes |\n| \u003ca name=\"input_assign_ec2_public_ip\"\u003e\u003c/a\u003e [assign\\_ec2\\_public\\_ip](#input\\_assign\\_ec2\\_public\\_ip) | Whether to assign a public IP to autoscaled instances | `bool` | `true` | no |\n| \u003ca name=\"input_custom_iam_policy\"\u003e\u003c/a\u003e [custom\\_iam\\_policy](#input\\_custom\\_iam\\_policy) | Whether you're passing a custom policy document | `bool` | `false` | no |\n| \u003ca name=\"input_desired_instances\"\u003e\u003c/a\u003e [desired\\_instances](#input\\_desired\\_instances) | Desired instances in ASG | `number` | `2` | no |\n| \u003ca name=\"input_ec2_subnet_ids\"\u003e\u003c/a\u003e [ec2\\_subnet\\_ids](#input\\_ec2\\_subnet\\_ids) | Subnets EC2 will listen on | `list(string)` | n/a | yes |\n| \u003ca name=\"input_instance_policy_document\"\u003e\u003c/a\u003e [instance\\_policy\\_document](#input\\_instance\\_policy\\_document) | Policy document for instance IAM role | `string` | `null` | no |\n| \u003ca name=\"input_instance_type\"\u003e\u003c/a\u003e [instance\\_type](#input\\_instance\\_type) | Instance type to use in ASG | `string` | `\"t3.micro\"` | no |\n| \u003ca name=\"input_max_instances\"\u003e\u003c/a\u003e [max\\_instances](#input\\_max\\_instances) | Max instances in ASG | `number` | `4` | no |\n| \u003ca name=\"input_min_instances\"\u003e\u003c/a\u003e [min\\_instances](#input\\_min\\_instances) | Min instances in ASG | `number` | `2` | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | common name for resources in this module | `string` | `\"ecs_cluster\"` | no |\n| \u003ca name=\"input_ssh_key_pair_name\"\u003e\u003c/a\u003e [ssh\\_key\\_pair\\_name](#input\\_ssh\\_key\\_pair\\_name) | Name of pre-existing key-pair for use with the EC2 launch config. | `string` | `\"\"` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | common tags for all resources | `map(string)` | `{}` | no |\n| \u003ca name=\"input_userdata_script\"\u003e\u003c/a\u003e [userdata\\_script](#input\\_userdata\\_script) | Bash commands to be passed to the instance as userdata. Do NOT include a shebang. | `string` | `\"echo 'No additional userdata was passed'\"` | no |\n| \u003ca name=\"input_volume_size\"\u003e\u003c/a\u003e [volume\\_size](#input\\_volume\\_size) | Size of root volume of ECS instances | `number` | `100` | no |\n| \u003ca name=\"input_volume_type\"\u003e\u003c/a\u003e [volume\\_type](#input\\_volume\\_type) | Volume type to use for instance root | `string` | `\"gp2\"` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | ID of VPC resources will be created in | `string` | n/a | yes |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_alb_arn\"\u003e\u003c/a\u003e [alb\\_arn](#output\\_alb\\_arn) | ARN of ALB |\n| \u003ca name=\"output_alb_arn_suffix\"\u003e\u003c/a\u003e [alb\\_arn\\_suffix](#output\\_alb\\_arn\\_suffix) | ARN suffix of ALB |\n| \u003ca name=\"output_alb_dns_name\"\u003e\u003c/a\u003e [alb\\_dns\\_name](#output\\_alb\\_dns\\_name) | DNS name of ALB |\n| \u003ca name=\"output_alb_security_group_id\"\u003e\u003c/a\u003e [alb\\_security\\_group\\_id](#output\\_alb\\_security\\_group\\_id) | Resource ID for Security Group applied to ALB |\n| \u003ca name=\"output_alb_zone_id\"\u003e\u003c/a\u003e [alb\\_zone\\_id](#output\\_alb\\_zone\\_id) | R53 zone ID of ALB |\n| \u003ca name=\"output_cloudformation_asg_template\"\u003e\u003c/a\u003e [cloudformation\\_asg\\_template](#output\\_cloudformation\\_asg\\_template) | CloudFormation yaml template body for ASG |\n| \u003ca name=\"output_ec2_security_group_id\"\u003e\u003c/a\u003e [ec2\\_security\\_group\\_id](#output\\_ec2\\_security\\_group\\_id) | Resource ID for Security Group applied to EC2 instances |\n| \u003ca name=\"output_ecs_cluster_id\"\u003e\u003c/a\u003e [ecs\\_cluster\\_id](#output\\_ecs\\_cluster\\_id) | Resource ID of ECS cluster |\n| \u003ca name=\"output_ecs_cluster_name\"\u003e\u003c/a\u003e [ecs\\_cluster\\_name](#output\\_ecs\\_cluster\\_name) | ECS cluster name |\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-ecs-cluster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frhythmictech%2Fterraform-aws-ecs-cluster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-ecs-cluster/lists"}