This Terraform module offers a streamlined solution for deploying and managing AWS Elastic Container Service (ECS) on AWS Fargate in your AWS account. AWS Fargate is a serverless compute engine designed for running containers, enabling you to focus on your applications without worrying about managing the underlying infrastructure. By utilizing this Terraform module, you can effectively set up and manage your containerized applications, ensuring they are highly available and can scale to accommodate increased traffic.
Our team possesses in-depth knowledge of AWS container services and has fine-tuned this module to deliver the best possible experience for users. The module encompasses all essential configurations, making it simple to use and integrate into your existing AWS ecosystem. Whether you are just beginning your journey with containerized applications or seeking a more efficient approach to manage your workloads, this Terraform module offers a preconfigured solution for seamless scalability and high availability.

Name | Description | Type | Default | Required |
---|---|---|---|---|
assign_public_ip | Assign a public IP address to the ENI. | bool | false | no |
cloudwatch_log_group_name | The name of the CloudWatch log group. | string | null | no |
cloudwatch_log_group_retention_in_days | The number of days log events are kept in the CloudWatch log group. | number | 30 | no |
codedeploy_auto_rollback_events | The event type or types that trigger a rollback. If none are defined, auto_rollback will be disabled. | list(string) | [ | no |
codedeploy_cloudwatch_alarm_names | CloudWatch alarm NAMES (not ARNs) to add to the deployment group. Allows automated rollback on errors. | list(string) | [] | no |
codedeploy_deployment_config_name | The name of the group's deployment config. | string | "CodeDeployDefault.ECSAllAtOnce" | no |
codedeploy_deployment_ready_wait_time_in_minutes | The number of minutes to wait before the status of a blue/green deployment changes to Stopped if rerouting is not started manually. If set to 0, the deployment will continue without waiting for approval. | number | 0 | no |
codedeploy_ignore_poll_alarm_failure | Whether to ignore failures when polling for alarms. | bool | false | no |
codedeploy_role_name | The name of the role that allows CodeDeploy to make calls to ECS, Auto Scaling, and CloudWatch on your behalf. | string | null | no |
codedeploy_role_name_prefix | Whether to prefix the CodeDeploy role name. | bool | false | no |
codedeploy_termination_action | The action to take on instances in the original environment after a successful blue/green deployment. | string | "TERMINATE" | no |
codedeploy_termination_wait_time_in_minutes | The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. | number | 0 | no |
create_cloudwatch_log_group | Whether to create a CloudWatch log group for the service. | bool | true | no |
deployment_maximum_percent | Upper limit (as a percentage of the service's desired_count) of the number of running tasks that can be running in a service during a deployment. | number | 200 | no |
deployment_minimum_healthy_percent | Lower limit (as a percentage of the service's desired_count) of the number of running tasks that must remain running and healthy in a service during a deployment. | number | 100 | no |
desired_count | Number of instances of the task definition to place and keep running. | number | 1 | no |
ecs_cluster_name | ARN of an ECS cluster for the service. | string | n/a | yes |
enable_ecs_managed_tags | Specifies whether to enable Amazon ECS managed tags for the tasks within the service. | bool | false | no |
enable_execute_command | Specifies whether to enable Amazon ECS Exec for the tasks within the service. | bool | true | no |
enable_lb_test_listener | Enable a test listener on the load balancer. This is useful for testing the deployment process. | bool | false | no |
health_check_grace_period_seconds | Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown. | number | 0 | no |
lb_arn | The ARN of the load balancer to attach to the service. | string | n/a | yes |
lb_listener | Use an existing LB listener to attach to the service. If used, the other lb_* arguments are ignored. | string | null | no |
lb_listener_alpn_policy | The ALPN policy to use for HTTPS listener. | string | null | no |
lb_listener_certificate_arn | The ARN of the certificate to use for HTTPS listener. | string | null | no |
lb_listener_port | The port on the load balancer listener. | number | 80 | no |
lb_listener_protocol | The protocol on the load balancer listener. | string | "HTTP" | no |
lb_listener_ssl_policy | The SSL policy to use for HTTPS listener. | string | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | no |
lb_test_listener | Use an existing LB test listener to attach to the service. If used, the other lb_test_* arguments are ignored. | string | null | no |
lb_test_listener_alpn_policy | The ALPN policy to use for the test HTTPS listener. | string | null | no |
lb_test_listener_certificate_arn | The ARN of the certificate to use for the test HTTPS listener. | string | null | no |
lb_test_listener_port | The port on the load balancer test listener. | number | 80 | no |
lb_test_listener_protocol | The protocol on the load balancer test listener. | string | "HTTP" | no |
lb_test_listener_ssl_policy | The SSL policy to use for the test HTTPS listener. | string | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | no |
load_balancer_container_name | Name of the container to associate with the load balancer (as it appears in a container definition). Default: Will use the name of the first container in the task_container_definitions. | string | null | no |
load_balancer_container_port | Port on the container to associate with the load balancer. Default: Will use the containerPort of the first container's first portMapping in the task_container_definitions. | number | null | no |
name | Base name of the created resources. | string | n/a | yes |
platform_version | Platform version on which to run your service. | string | "1.4.0" | no |
propagate_tags | Specifies whether to propagate the tags from the task definition or the service to the tasks. | string | "SERVICE" | no |
security_group_ids | Security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. | list(string) | [] | no |
service_registries | Service discovery registries for the service. | list(object({ | [] | no |
subnet_ids | Subnets associated with the task or service. | list(string) | n/a | yes |
tags | Tags to add to the created resources. | map(any) | {} | no |
target_group_connection_termination | Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. | bool | false | no |
target_group_deregistration_delay | Amount of time in seconds for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. | number | 300 | no |
target_group_health_check_healthy_threshold | Number of consecutive health check successes required before considering an unhealthy target healthy. | number | 3 | no |
target_group_health_check_interval | Approximate amount of time, in seconds, between health checks of an individual target. | number | 30 | no |
target_group_health_check_matcher | Response codes to use when checking for a healthy response from a target. You can specify multiple values (for example, 200,202 for HTTP(s) or 0,12 for GRPC) or a range of values (for example, 200-299 or 0-99). | string | "200-299" | no |
target_group_health_check_path | Destination for the health check request. | string | "/health" | no |
target_group_health_check_port | Port to use to connect with the target. | any | "traffic-port" | no |
target_group_health_check_protocol | Protocol to use to connect with the target. Default: target_group_protocol. | string | null | no |
target_group_health_check_timeout | Amount of time, in seconds, during which no response means a failed health check. | number | 5 | no |
target_group_health_check_unhealthy_threshold | Number of consecutive health check failures required before considering the target unhealthy. | number | 3 | no |
target_group_load_balancing_algorithm_type | Determines how the load balancer selects targets when routing requests. | string | "round_robin" | no |
target_group_protocol | Protocol on the container to associate with the target group. | string | "HTTP" | no |
target_group_protocol_version | The protocol version. | string | "HTTP1" | no |
target_group_proxy_protocol_v2 | Whether to enable support for proxy protocol v2 on Network Load Balancers. | bool | false | no |
target_group_slow_start | Amount of time for targets to warm up before the load balancer sends them a full share of requests. | number | 0 | no |
task_additional_execute_role_policies | Additional policy ARNs to attach to the execution role. | list(string) | [] | no |
task_additional_task_role_policies | Additional policy ARNs to attach to the task role. | list(string) | [] | no |
task_container_definitions | A list of valid container definitions provided as a valid HCL object list. | any | n/a | yes |
task_cpu | Number of CPU units used by the task. | number | 1024 | no |
task_cpu_architecture | CPU architecture required by the task. | string | "X86_64" | no |
task_definition_name | Name of the task definition. Defaults to the base name. | string | null | no |
task_ephemeral_storage_size_in_gib | The amount of ephemeral storage (in GiB) to allocate to the task. | number | 20 | no |
task_inference_accelerators | List of Elastic Inference accelerators associated with the task. | list(object({ | [] | no |
task_memory | Amount (in MiB) of memory used by the task. | number | 2048 | no |
task_operating_system_family | OS family required by the task. | string | "LINUX" | no |
task_proxy_configuration | Configuration details for an App Mesh proxy. | object({ | null | no |
task_volumes | A list of volume definitions. | list(object({ | [] | no |

Name | Description |
---|---|
aws_lb_listener_arn | ARN of the ALB main listener. |
aws_lb_test_listener_arn | ARN of the ALB test listener. |
blue_target_group_arn | ARN of the blue target group. |
cloudwatch_log_group_arn | ARN of the CloudWatch log group. |
codedeploy_app_name | CodeDeploy application name. |
codedeploy_deployment_group_name | CodeDeploy deployment group name. |
green_target_group_arn | ARN of the green target group. |
service_name | ECS service name. |
task_definition_arn | ARN of the task definition. |
task_definition_execution_role_arn | ARN of the task execution role. |
task_definition_execution_role_name | Name of the task execution role. |
task_definition_task_role_arn | ARN of the task role. |
task_definition_task_role_name | Name of the task role. |

Name | Version |
---|---|
aws | >= 4.36 |
random | >= 3.1 |

- resource.aws_cloudwatch_log_group.main (main.tf#310)
- resource.aws_codedeploy_app.main (main.tf#231)
- resource.aws_codedeploy_deployment_group.main (main.tf#238)
- resource.aws_ecs_service.main (main.tf#56)
- resource.aws_lb_listener.main (main.tf#176)
- resource.aws_lb_listener.test_listener (main.tf#202)
- resource.aws_lb_target_group.main (main.tf#133)
- resource.random_id.target_group (main.tf#122)
- data source.aws_subnet.main (data.tf#1)
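
```hcl
# Basic example; all values below are placeholders.
module "basic-example" {
  source = "../../"

  name                       = "basic-example"
  ecs_cluster_name           = "example-cluster"
  lb_arn                     = "lb.aws.amazon.com" # expects a load balancer ARN
  subnet_ids                 = ["subnet-123", "subnet-456", "subnet-789"]
  task_container_definitions = "nginx" # expects a list of container definitions
}
```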
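
A security-focused variant of the basic example, added here and not part of the module's own examples: it overrides the defaults from the inputs table that matter most for exposure (plain HTTP listener, ECS Exec enabled, VPC default security group). All ARNs, IDs, the image name and the container definition are constructed placeholders, and it assumes the module passes container definition fields through to ECS unchanged.

```hcl
# Added example: every ARN, ID and image name below is a constructed placeholder.
module "hardened-example" {
  source = "../../"

  name             = "hardened-example"
  ecs_cluster_name = "example-cluster"
  lb_arn           = "arn:aws:elasticloadbalancing:eu-west-1:111122223333:loadbalancer/app/example/0123456789abcdef"

  # Private subnets only; no public IP on the task ENI (module default, stated explicitly).
  subnet_ids       = ["subnet-0aaa1111bbbb2222c", "subnet-0ddd3333eeee4444f"]
  assign_public_ip = false

  # An empty list falls back to the VPC default security group, so pass a dedicated one.
  security_group_ids = ["sg-0123456789abcdef0"]

  # The listener defaults to HTTP on port 80; terminate TLS at the load balancer instead.
  lb_listener_protocol        = "HTTPS"
  lb_listener_port            = 443
  lb_listener_certificate_arn = "arn:aws:acm:eu-west-1:111122223333:certificate/00000000-0000-0000-0000-000000000000"
  lb_listener_ssl_policy      = "ELBSecurityPolicy-FS-1-2-Res-2020-10"

  # ECS Exec defaults to true, which allows commands to be run inside running tasks.
  # Turn it off unless operators need it.
  enable_execute_command = false

  # Keep task logs long enough to support incident investigation.
  create_cloudwatch_log_group            = true
  cloudwatch_log_group_retention_in_days = 90

  # Assumption: fields are handed to ECS as written (standard container definition keys).
  task_container_definitions = [
    {
      name                   = "web"
      image                  = "111122223333.dkr.ecr.eu-west-1.amazonaws.com/web:1.0.0"
      essential              = true
      readonlyRootFilesystem = true
      portMappings = [
        { containerPort = 8080, protocol = "tcp" }
      ]
    }
  ]
}
```

If the test listener is enabled with `enable_lb_test_listener`, the `lb_test_listener_*` inputs have the same HTTP/80 defaults and need the same overrides.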