Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/rhythmictech/terraform-aws-alb-ecs-task

Simple ECS task behind an ALB with CloudWatch logging. Batteries included.
https://github.com/rhythmictech/terraform-aws-alb-ecs-task

alb aws ec2 ecs ecs-task fargate terraform terraform-module

Last synced: 7 months ago
JSON representation

Simple ECS task behind an ALB with CloudWatch logging. Batteries included.

Awesome Lists containing this project

README 

          
# terraform-aws-alb-ecs-task [![](https://github.com/rhythmictech/terraform-aws-alb-ecs-task/workflows/pre-commit-check/badge.svg)](https://github.com/rhythmictech/terraform-aws-alb-ecs-task/actions) follow on Twitter

Creates an ECS service, ECS task, ALB target group, ALB listener, and CloudWatch logging. Ignores updates to the task so deployments can continue via another pipeline.



## Example

Here's what using the module will look like

```hcl

module "example" {

  source  = "rhythmictech/alb-ecs-task/aws"

  version = "1.1.0"



  cluster_name      = aws_ecs_cluster.example.name

  container_port    = 80

  container_image   = "docker.io/library/nginx:latest"

  load_balancer_arn = aws_lb.public.arn

  listener_port     = 80

  name              = module.tags.name

  subnets           = var.subnet_ids

  tags              = module.tags.tags

  vpc_id            = var.vpc_id

}

```



## Requirements



| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 0.12.19 |

|  [aws](#requirement\_aws) | >= 2.48.0 |



## Providers



| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | 4.8.0 |



## Modules



| Name | Source | Version |

|------|--------|---------|

|  [container\_definition](#module\_container\_definition) | cloudposse/ecs-container-definition/aws | 0.58.1 |



## Resources



| Name | Type |

|------|------|

| [aws_cloudwatch_log_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |

| [aws_ecs_service.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |

| [aws_ecs_task_definition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |

| [aws_iam_role.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |

| [aws_iam_role.ecs_task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |

| [aws_iam_role_policy_attachment.additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_iam_role_policy_attachment.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_iam_role_policy_attachment.ecs_exec_additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_lb_listener_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule) | resource |

| [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |

| [aws_security_group.ecs_service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |

| [aws_security_group_rule.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |

| [aws_security_group_rule.allow_all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |

| [aws_iam_policy_document.assume](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

| [aws_iam_policy_document.ecs_exec](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |



## Inputs



| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [additional\_ecs\_service\_exec\_policy\_arns](#input\_additional\_ecs\_service\_exec\_policy\_arns) | ARNs for additional ECS Service Execution Role policies | `list(string)` | `[]` | no |

|  [additional\_ecs\_task\_policy\_arns](#input\_additional\_ecs\_task\_policy\_arns) | ARNs for additional ECS task policies | `list(string)` | `[]` | no |

|  [alb\_security\_group\_id](#input\_alb\_security\_group\_id) | ID for ALB Security Group | `string` | n/a | yes |

|  [assign\_ecs\_service\_public\_ip](#input\_assign\_ecs\_service\_public\_ip) | Assigns a public IP to your ECS service. Set true if using fargate, see https://aws.amazon.com/premiumsupport/knowledge-center/ecs-pull-container-api-error-ecr/ | `bool` | `false` | no |

|  [cluster\_name](#input\_cluster\_name) | Name of ECS cluster | `string` | n/a | yes |

|  [container\_image](#input\_container\_image) | Container image, ie 203583890406.dkr.ecr.us-west-1.amazonaws.com/api-integrations:git-34752db | `string` | `"busybox"` | no |

|  [container\_name](#input\_container\_name) | Defaults to `api-` | `string` | `null` | no |

|  [container\_port](#input\_container\_port) | Port on Container that main process is listening on | `number` | n/a | yes |

|  [ecs\_execution\_role](#input\_ecs\_execution\_role) | ECS execution role. If specified none will be created | `string` | `""` | no |

|  [ecs\_task\_role](#input\_ecs\_task\_role) | ECS task execution role. If specified none will be created | `string` | `""` | no |

|  [environment\_variables](#input\_environment\_variables) | The environment variables to pass to the container. This is a list of maps | 
list(object({
    name  = string
    value = string
  }))
 | `null` | no |

|  [health\_check](#input\_health\_check) | Target group health check, for LB to assess service health
See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#health_check | 
object({
    healthy_threshold   = number
    interval            = number
    path                = string
    port                = string
    protocol            = string
    unhealthy_threshold = number
  })
 | 
{
  "healthy_threshold": 3,
  "interval": 30,
  "path": "/",
  "port": "traffic-port",
  "protocol": "HTTP",
  "unhealthy_threshold": 3
}
 | no |

|  [host\_headers](#input\_host\_headers) | The hostname in the request which acts as condition for listener. See
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule#host_header | `list(string)` | n/a | yes |

|  [internal\_protocol](#input\_internal\_protocol) | Protocol for traffic between the ALB and ECS. Should be one of [TCP, TLS, UDP, TCP\_UDP, HTTP, HTTPS] | `string` | `"HTTP"` | no |

|  [launch\_type](#input\_launch\_type) | ECS service launch type: FARGATE \| EC2 | `string` | `"FARGATE"` | no |

|  [listener\_arn](#input\_listener\_arn) | ARN of listener on ALB | `string` | n/a | yes |

|  [name](#input\_name) | Moniker to apply to all resources in module | `string` | n/a | yes |

|  [network\_mode](#input\_network\_mode) | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. | `string` | `"awsvpc"` | no |

|  [secrets](#input\_secrets) | The secrets to pass to the container. This is a list of maps | 
list(object({
    name      = string
    valueFrom = string
  }))
 | `null` | no |

|  [security\_group\_ids](#input\_security\_group\_ids) | List of Security Group IDs to apply to the ECS Service | `list(string)` | `[]` | no |

|  [service\_registry\_arn](#input\_service\_registry\_arn) | ARN of aws\_service\_discovery\_service | `string` | `null` | no |

|  [subnets](#input\_subnets) | Subnets that should be added to ECS service network configuration | `list(string)` | `[]` | no |

|  [tags](#input\_tags) | Resource Tags. BE VERBOSE. Should AT MINIMIUM contain; Name & Owner | `map(string)` | `{}` | no |

|  [target\_group\_port](#input\_target\_group\_port) | The port on which targets receive traffic on the Target Group | `number` | `80` | no |

|  [task\_cpu](#input\_task\_cpu) | The number of cpu units used by the task. | `number` | `1024` | no |

|  [task\_def\_arn](#input\_task\_def\_arn) | Task definition arn | `string` | `""` | no |

|  [task\_desired\_count](#input\_task\_desired\_count) | Number of copies of task definition that should be running at any given time | `number` | `1` | no |

|  [task\_memory](#input\_task\_memory) | The amount (in MiB) of memory used by the task. | `number` | `2048` | no |

|  [vpc\_id](#input\_vpc\_id) | VPC ID where resources will be created | `string` | n/a | yes |



## Outputs



| Name | Description |

|------|-------------|

|  [cloudwatch\_log\_group](#output\_cloudwatch\_log\_group) | aws\_cloudwatch\_log\_group resource |

|  [ecs\_service](#output\_ecs\_service) | aws\_ecs\_service resource |

|  [ecs\_task\_iam\_role](#output\_ecs\_task\_iam\_role) | aws\_iam\_role resource for the ECS task |

|  [iam\_role\_ecs\_service](#output\_iam\_role\_ecs\_service) | aws\_iam\_role resource for the ECS service |

|  [lb\_target\_group](#output\_lb\_target\_group) | aws\_lb\_target\_group resource |

|  [lb\_target\_group\_arn](#output\_lb\_target\_group\_arn) | ARN for the target group associated with service |

|  [lb\_target\_group\_id](#output\_lb\_target\_group\_id) | ID for the target group associated with service |

|  [security\_group\_id](#output\_security\_group\_id) | Resource ID ofr Security Group associated with ECS Service network\_configuration |

|  [task\_definition](#output\_task\_definition) | aws\_ecs\_task\_definition resource |



## The Giants underneath this module

- pre-commit.com/

- terraform.io/

- github.com/tfutils/tfenv

- github.com/segmentio/terraform-docs