{"id":19508882,"url":"https://github.com/rhythmictech/terraform-aws-nlb-ecs-task","last_synced_at":"2025-04-26T03:31:48.013Z","repository":{"id":42055991,"uuid":"277184379","full_name":"rhythmictech/terraform-aws-nlb-ecs-task","owner":"rhythmictech","description":"Simple ECS task behind an NLB with CloudWatch logging. Batteries included.","archived":false,"fork":false,"pushed_at":"2022-10-05T16:11:23.000Z","size":47,"stargazers_count":4,"open_issues_count":0,"forks_count":7,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-04T07:11:23.679Z","etag":null,"topics":["aws","ecs","terraform","terraform-module"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/rhythmictech/nlb-ecs-task/aws","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rhythmictech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null}},"created_at":"2020-07-04T20:59:46.000Z","updated_at":"2022-03-07T22:13:14.000Z","dependencies_parsed_at":"2023-01-19T05:00:36.933Z","dependency_job_id":null,"html_url":"https://github.com/rhythmictech/terraform-aws-nlb-ecs-task","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-nlb-ecs-task","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-nlb-ecs-task/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-nlb-ecs-task/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-nlb-ecs-task/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rhythmictech","download_url":"https://codeload.github.com/rhythmictech/terraform-aws-nlb-ecs-task/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250926818,"owners_count":21509043,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","ecs","terraform","terraform-module"],"created_at":"2024-11-10T23:10:14.638Z","updated_at":"2025-04-26T03:31:47.739Z","avatar_url":"https://github.com/rhythmictech.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-nlb-ecs-task [![](https://github.com/rhythmictech/terraform-aws-nlb-ecs-task/workflows/pre-commit-check/badge.svg)](https://github.com/rhythmictech/terraform-aws-nlb-ecs-task/actions) \u003ca href=\"https://twitter.com/intent/follow?screen_name=RhythmicTech\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/RhythmicTech?style=social\u0026logo=twitter\" alt=\"follow on Twitter\"\u003e\u003c/a\u003e\nCreates an ECS service, ECS task, nlb target group, nlb listener, and CloudWatch logging. Ignores updates to the task so deployments can continue via another pipeline.\n\n## Example\nHere's what using the module will look like\n```hcl\nmodule \"example\" {\n  source = \"github.com/rhythmictech/terraform-aws-nlb-ecs-task?ref=master\"\n\n  assign_ecs_service_public_ip = true\n  cluster_name                 = aws_ecs_cluster.example.name\n  container_port               = 80\n  container_image              = \"docker.io/library/nginx:alpine\"\n  load_balancer_arn            = aws_lb.public.arn\n  listener_port                = 80\n  name                         = local.name\n  subnets                      = var.subnet_ids\n  tags                         = module.tags.tags\n  vpc_id                       = var.vpc_id\n}\n```\n\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 0.12.19 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 2.48.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | 4.3.0 |\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_container_definition\"\u003e\u003c/a\u003e [container\\_definition](#module\\_container\\_definition) | cloudposse/ecs-container-definition/aws | 0.58.1 |\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_cloudwatch_log_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |\n| [aws_ecs_service.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |\n| [aws_ecs_task_definition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |\n| [aws_iam_role.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.ecs_task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy_attachment.additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.ecs_exec_additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_lb_listener.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |\n| [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |\n| [aws_security_group.ecs_service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.allow_all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.nlb_to_ecs_ingress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_iam_policy_document.assume](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_lb.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source |\n| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n| [aws_subnet.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_additional_ecs_service_exec_policy_arns\"\u003e\u003c/a\u003e [additional\\_ecs\\_service\\_exec\\_policy\\_arns](#input\\_additional\\_ecs\\_service\\_exec\\_policy\\_arns) | ARNs for additional ECS Service Execution Role policies | `list(string)` | `[]` | no |\n| \u003ca name=\"input_additional_ecs_task_policy_arns\"\u003e\u003c/a\u003e [additional\\_ecs\\_task\\_policy\\_arns](#input\\_additional\\_ecs\\_task\\_policy\\_arns) | ARNs for additional ECS task policies | `list(string)` | `[]` | no |\n| \u003ca name=\"input_assign_ecs_service_public_ip\"\u003e\u003c/a\u003e [assign\\_ecs\\_service\\_public\\_ip](#input\\_assign\\_ecs\\_service\\_public\\_ip) | Assigns a public IP to your ECS service. Set true if using fargate, see https://aws.amazon.com/premiumsupport/knowledge-center/ecs-pull-container-api-error-ecr/ | `bool` | `false` | no |\n| \u003ca name=\"input_cluster_name\"\u003e\u003c/a\u003e [cluster\\_name](#input\\_cluster\\_name) | Name of ECS cluster | `string` | n/a | yes |\n| \u003ca name=\"input_container_image\"\u003e\u003c/a\u003e [container\\_image](#input\\_container\\_image) | Container image, ie 203583890406.dkr.ecr.us-west-1.amazonaws.com/api-integrations:git-34752db | `string` | `\"busybox\"` | no |\n| \u003ca name=\"input_container_name\"\u003e\u003c/a\u003e [container\\_name](#input\\_container\\_name) | Defaults to `api-\u003cvar.name\u003e` | `string` | `null` | no |\n| \u003ca name=\"input_container_port\"\u003e\u003c/a\u003e [container\\_port](#input\\_container\\_port) | Port on Container that main process is listening on | `number` | n/a | yes |\n| \u003ca name=\"input_ecs_execution_role\"\u003e\u003c/a\u003e [ecs\\_execution\\_role](#input\\_ecs\\_execution\\_role) | ECS execution role. If specified none will be created | `string` | `\"\"` | no |\n| \u003ca name=\"input_ecs_task_role\"\u003e\u003c/a\u003e [ecs\\_task\\_role](#input\\_ecs\\_task\\_role) | ECS task execution role. If specified none will be created | `string` | `\"\"` | no |\n| \u003ca name=\"input_environment_variables\"\u003e\u003c/a\u003e [environment\\_variables](#input\\_environment\\_variables) | The environment variables to pass to the container. This is a list of maps | \u003cpre\u003elist(object({\u003cbr\u003e    name  = string\u003cbr\u003e    value = string\u003cbr\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_health_check\"\u003e\u003c/a\u003e [health\\_check](#input\\_health\\_check) | Target group health check, for LB to assess service health | \u003cpre\u003eobject({\u003cbr\u003e    port                = string\u003cbr\u003e    protocol            = string\u003cbr\u003e    healthy_threshold   = number\u003cbr\u003e    unhealthy_threshold = number\u003cbr\u003e    interval            = number\u003cbr\u003e  })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr\u003e  \"healthy_threshold\": 3,\u003cbr\u003e  \"interval\": 30,\u003cbr\u003e  \"port\": \"traffic-port\",\u003cbr\u003e  \"protocol\": \"HTTP\",\u003cbr\u003e  \"unhealthy_threshold\": 3\u003cbr\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_internal_protocol\"\u003e\u003c/a\u003e [internal\\_protocol](#input\\_internal\\_protocol) | Protocol for traffic between the ALB and ECS. Should be one of [TCP, TLS, UDP, TCP\\_UDP] | `string` | `\"TCP\"` | no |\n| \u003ca name=\"input_launch_type\"\u003e\u003c/a\u003e [launch\\_type](#input\\_launch\\_type) | ECS service launch type: FARGATE \\| EC2 | `string` | `\"FARGATE\"` | no |\n| \u003ca name=\"input_listener_port\"\u003e\u003c/a\u003e [listener\\_port](#input\\_listener\\_port) | Port LB listener will be created on \u0026 external port which will receive traffic | `number` | n/a | yes |\n| \u003ca name=\"input_load_balancer_arn\"\u003e\u003c/a\u003e [load\\_balancer\\_arn](#input\\_load\\_balancer\\_arn) | ARN of load balancer which API will be attached to | `string` | n/a | yes |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | Moniker to apply to all resources in module | `string` | n/a | yes |\n| \u003ca name=\"input_network_mode\"\u003e\u003c/a\u003e [network\\_mode](#input\\_network\\_mode) | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. | `string` | `\"awsvpc\"` | no |\n| \u003ca name=\"input_secrets\"\u003e\u003c/a\u003e [secrets](#input\\_secrets) | The secrets to pass to the container. This is a list of maps | \u003cpre\u003elist(object({\u003cbr\u003e    name      = string\u003cbr\u003e    valueFrom = string\u003cbr\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_security_group_ids\"\u003e\u003c/a\u003e [security\\_group\\_ids](#input\\_security\\_group\\_ids) | List of Security Group IDs to apply to the ECS Service | `list(string)` | `[]` | no |\n| \u003ca name=\"input_service_registry_arn\"\u003e\u003c/a\u003e [service\\_registry\\_arn](#input\\_service\\_registry\\_arn) | ARN of aws\\_service\\_discovery\\_service | `string` | `null` | no |\n| \u003ca name=\"input_stickiness\"\u003e\u003c/a\u003e [stickiness](#input\\_stickiness) | Stickiness session enabled. | `any` | `null` | no |\n| \u003ca name=\"input_subnets\"\u003e\u003c/a\u003e [subnets](#input\\_subnets) | Subnets that should be added to ECS service network configuration | `list(string)` | `[]` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | Resource Tags. BE VERBOSE. Should AT MINIMIUM contain; Name \u0026 Owner | `map(string)` | `{}` | no |\n| \u003ca name=\"input_target_group_port\"\u003e\u003c/a\u003e [target\\_group\\_port](#input\\_target\\_group\\_port) | The port on which targets receive traffic on the Target Group | `number` | `80` | no |\n| \u003ca name=\"input_task_cpu\"\u003e\u003c/a\u003e [task\\_cpu](#input\\_task\\_cpu) | The number of cpu units used by the task. | `number` | `1024` | no |\n| \u003ca name=\"input_task_desired_count\"\u003e\u003c/a\u003e [task\\_desired\\_count](#input\\_task\\_desired\\_count) | Number of copies of task definition that should be running at any given time | `number` | `1` | no |\n| \u003ca name=\"input_task_memory\"\u003e\u003c/a\u003e [task\\_memory](#input\\_task\\_memory) | The amount (in MiB) of memory used by the task. | `number` | `2048` | no |\n| \u003ca name=\"input_volumes\"\u003e\u003c/a\u003e [volumes](#input\\_volumes) | The Volume to attach ecs container. This is a list of maps | \u003cpre\u003eset(object({\u003cbr\u003e    name = string\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | VPC ID where resources will be created | `string` | n/a | yes |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_cloudwatch_log_group\"\u003e\u003c/a\u003e [cloudwatch\\_log\\_group](#output\\_cloudwatch\\_log\\_group) | aws\\_cloudwatch\\_log\\_group resource |\n| \u003ca name=\"output_ecs_service\"\u003e\u003c/a\u003e [ecs\\_service](#output\\_ecs\\_service) | aws\\_ecs\\_service resource |\n| \u003ca name=\"output_ecs_task_iam_role\"\u003e\u003c/a\u003e [ecs\\_task\\_iam\\_role](#output\\_ecs\\_task\\_iam\\_role) | aws\\_iam\\_role resource for the ECS task |\n| \u003ca name=\"output_iam_role_ecs_service\"\u003e\u003c/a\u003e [iam\\_role\\_ecs\\_service](#output\\_iam\\_role\\_ecs\\_service) | aws\\_iam\\_role resource for the ECS service |\n| \u003ca name=\"output_lb_target_group\"\u003e\u003c/a\u003e [lb\\_target\\_group](#output\\_lb\\_target\\_group) | aws\\_lb\\_target\\_group resource |\n| \u003ca name=\"output_security_group_id\"\u003e\u003c/a\u003e [security\\_group\\_id](#output\\_security\\_group\\_id) | Resource ID of Security Group |\n| \u003ca name=\"output_task_definition\"\u003e\u003c/a\u003e [task\\_definition](#output\\_task\\_definition) | aws\\_ecs\\_task\\_definition resource |\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n\n## The Giants underneath this module\n- pre-commit.com/\n- terraform.io/\n- github.com/tfutils/tfenv\n- github.com/segmentio/terraform-docs\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-nlb-ecs-task","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frhythmictech%2Fterraform-aws-nlb-ecs-task","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-nlb-ecs-task/lists"}