https://github.com/infraspecdev/terraform-aws-kong

Terraform module to set up Kong (OSS) in ECS with self-managed EC2 instances.
ecs kong kong-gateway terraform

# terraform-aws-kong

Terraform module to set up Kong (OSS) in ECS with self-managed EC2 instances.

# Architectural Diagram

![Kong](https://github.com/infraspecdev/terraform-aws-kong/raw/main/diagrams/kong-architecture.png)

# Assumptions

This setup assumes that an ECS cluster backed by an Auto Scaling Group (ASG) already exists with the name `default`. If your cluster uses a different name, provide it through the module's variables (see `cluster_name` under Inputs).

## Adding Parameters to AWS Systems Manager Parameter Store

Ensure you have the AWS CLI installed on your machine. You can find the installation instructions for different operating systems in the official AWS CLI documentation:
[Install AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)

Use the following commands to add the required parameters to AWS Systems Manager Parameter Store. These parameters are necessary for configuring your PostgreSQL database.

```sh
aws ssm put-parameter --name "/rds/POSTGRES_USERNAME" --value "value" --type "SecureString"
aws ssm put-parameter --name "/rds/POSTGRES_PASSWORD" --value "value" --type "SecureString"
aws ssm put-parameter --name "/rds/POSTGRES_DB_NAME" --value "value" --type "SecureString"
```
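
The commands above pass each value as a literal `--value` argument, which leaves it in shell history and visible in the process list while the command runs. The following added example (not part of the module's README; the function names and the `store` argument are hypothetical) prompts for each value with echo disabled and passes it to the AWS CLI through a `file://` reference instead.

```sh
#!/usr/bin/env bash
# Added example, not from the module's repository: store the three /rds/*
# parameters without putting secret values on the command line.
set -eu

# Parameter names are the ones the README lists.
RDS_PARAMS="/rds/POSTGRES_USERNAME /rds/POSTGRES_PASSWORD /rds/POSTGRES_DB_NAME"

# put_secure_param NAME VALUE
# Writes VALUE to a private temp file and gives the CLI a file:// reference,
# so the value never appears in argv (ps output) or in shell history.
put_secure_param() {
  local name="$1" value="$2" tmp rc=0
  tmp="$(mktemp)"                # mktemp creates the file with mode 0600
  printf '%s' "$value" > "$tmp"  # no trailing newline in the stored value
  aws ssm put-parameter --name "$name" --type "SecureString" \
    --value "file://$tmp" >/dev/null || rc=$?
  rm -f "$tmp"                   # remove the temp file on success and failure
  return "$rc"
}

# Prompt for each value with terminal echo off, then store it.
store_rds_params() {
  local name value
  for name in $RDS_PARAMS; do
    read -r -s -p "Value for $name: " value
    printf '\n' >&2
    [ -n "$value" ] || { echo "empty value for $name, aborting" >&2; return 1; }
    put_secure_param "$name" "$value"
  done
}

# Run only when asked to, e.g.: ./store-rds-params.sh store
if [ "${1:-}" = "store" ]; then
  store_rds_params
fi
```

Values written this way can be checked afterwards with `aws ssm get-parameter --name "/rds/POSTGRES_USERNAME" --with-decryption`, which requires decrypt permission on the key protecting the parameter.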

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.8.4 |
| [aws](#requirement\_aws) | >= 5.5.0 |

## Providers

| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 5.5.0 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| [ecs\_kong](#module\_ecs\_kong) | infraspecdev/ecs-deployment/aws | ~> 4.0.4 |
| [ecs\_task\_security\_group](#module\_ecs\_task\_security\_group) | terraform-aws-modules/security-group/aws | ~> 5.1.2 |
| [internal\_alb\_kong](#module\_internal\_alb\_kong) | infraspecdev/ecs-deployment/aws//modules/alb | ~> 2.0.0 |
| [internal\_alb\_security\_group](#module\_internal\_alb\_security\_group) | terraform-aws-modules/security-group/aws | ~> 5.1.2 |
| [kong\_internal\_dns\_record](#module\_kong\_internal\_dns\_record) | ./modules/route-53-record | n/a |
| [kong\_public\_dns\_record](#module\_kong\_public\_dns\_record) | ./modules/route-53-record | n/a |
| [kong\_rds](#module\_kong\_rds) | terraform-aws-modules/rds/aws | ~> 6.7.0 |
| [postgres\_security\_group](#module\_postgres\_security\_group) | terraform-aws-modules/security-group/aws | ~> 5.1.2 |
| [public\_alb\_security\_group](#module\_public\_alb\_security\_group) | terraform-aws-modules/security-group/aws | ~> 5.1.2 |

## Resources

| Name | Type |
|------|------|
| [aws_iam_role.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_ecs_cluster.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecs_cluster) | data source |
| [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_ssm_parameter.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
| [aws_vpc.vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [backup\_retention\_period](#input\_backup\_retention\_period) | The number of days to retain backups | `number` | `1` | no |
| [backup\_window](#input\_backup\_window) | The daily time range (in UTC) during which automated backups are created if they are enabled | `string` | `null` | no |
| [cluster\_name](#input\_cluster\_name) | Name of the cluster | `string` | `"default"` | no |
| [container\_image](#input\_container\_image) | Container image for kong | `string` | `"kong:3.7.1-ubuntu"` | no |
| [cpu\_for\_kong\_task](#input\_cpu\_for\_kong\_task) | CPU required for kong task definition | `number` | `256` | no |
| [create\_db\_subnet\_group](#input\_create\_db\_subnet\_group) | Whether to create a DB subnet group | `bool` | `true` | no |
| [db\_allocated\_storage](#input\_db\_allocated\_storage) | The amount of allocated storage in GBs | `number` | `20` | no |
| [db\_max\_allocated\_storage](#input\_db\_max\_allocated\_storage) | The maximum amount of allocated storage in GBs | `number` | `100` | no |
| [deletion\_protection](#input\_deletion\_protection) | Whether to enable deletion protection | `bool` | `false` | no |
| [desired\_count\_for\_kong\_service](#input\_desired\_count\_for\_kong\_service) | Desired count for kong service | `number` | `1` | no |
| [force\_new\_deployment](#input\_force\_new\_deployment) | Whether to force new deployment | `bool` | `true` | no |
| [kong\_admin\_domain\_name](#input\_kong\_admin\_domain\_name) | Kong admin domain name | `string` | n/a | yes |
| [kong\_public\_domain\_name](#input\_kong\_public\_domain\_name) | Kong public domain name | `string` | n/a | yes |
| [log\_configuration\_for\_kong](#input\_log\_configuration\_for\_kong) | Log configuration for kong | `any` | `null` | no |
| [maintenance\_window](#input\_maintenance\_window) | The window to perform maintenance in. Syntax: `ddd:hh24:mi-ddd:hh24:mi` | `string` | `null` | no |
| [manage\_master\_user\_password](#input\_manage\_master\_user\_password) | Whether to manage master user password | `bool` | `false` | no |
| [memory\_for\_kong\_task](#input\_memory\_for\_kong\_task) | Memory required for kong task definition | `number` | `256` | no |
| [multi\_az](#input\_multi\_az) | Specifies if the RDS instance is multi-AZ | `bool` | `false` | no |
| [performance\_insights\_enabled](#input\_performance\_insights\_enabled) | Whether to enable performance insights | `bool` | `true` | no |
| [performance\_insights\_retention\_period](#input\_performance\_insights\_retention\_period) | The retention period for performance insights | `number` | `7` | no |
| [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes |
| [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs | `list(string)` | n/a | yes |
| [rds\_db\_tags](#input\_rds\_db\_tags) | List of tags | `map(string)` | `{}` | no |
| [rds\_instance\_class](#input\_rds\_instance\_class) | The instance class to use | `string` | `"db.t3.micro"` | no |
| [ssl\_policy](#input\_ssl\_policy) | Name of the SSL Policy for the listener. | `string` | `"ELBSecurityPolicy-2016-08"` | no |
| [vpc\_id](#input\_vpc\_id) | The ID of the VPC | `string` | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| [ecs\_service\_arn](#output\_ecs\_service\_arn) | ARN of kong ECS service |
| [internal\_alb\_dns](#output\_internal\_alb\_dns) | DNS name of internal ALB |
| [public\_alb\_dns](#output\_public\_alb\_dns) | DNS name of public ALB |
| [rds\_instance\_endpoint](#output\_rds\_instance\_endpoint) | Endpoint of RDS instance |