terraform-aws-ecs-web-app
terraform-aws-ecs-web-app copied to clipboard
Published
20 hours ago •
cloudposse
cloudposse
chore(deps): update terraform cloudposse/ecs-alb-service-task/aws to v0.74.0 (release/v1)
trafficstars
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/ecs-alb-service-task/aws (source) | module | minor | 0.64.1 -> 0.74.0 |
Release Notes
cloudposse/terraform-aws-ecs-alb-service-task (cloudposse/ecs-alb-service-task/aws)
v0.74.0
🚀 Enhancements
feat: Add task_definition_arn_without_revision output @adamantike (#216)
what
- Add
task_definition_arn_without_revisionoutput, using thearn_without_revisionattribute fromaws_ecs_task_definitionresource. - Update minimum AWS provider version to
v4.59.0.
why
- Useful for situations where the latest task definition is always desired.
- Avoiding manual string manipulation to strip the revision from the ARN.
references
- Added to AWS provider in version
v4.59.0: https://github.com/hashicorp/terraform-provider-aws/issues/27119
v0.73.0
Make `elb_name` optional @lagerfeuer (#215)
what
Make elb_name in ecs_load_balancer optional, as described in the linked Terraform docs for ECS Service.
why
Currently, when creating a service without elb_name, Terraform will fail because it expects the variable to be set. The workaround is to set it to null.
references
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service#load_balancer
v0.72.0
🚀 Enhancements
feat: support ECS service connect @gberenice (#212)
what
- This adds support for ECS Service connect, which is already supported by the provider, see service_connect_configuration block.
why
- Extend the module's functionality.
references
- There is a PR that partially covers this feature, but unfortunately, it's not active for a while, and there are requested changes to be done: https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/pull/208
v0.71.0
feat: add pid and ipc mode to task def @dudymas (#206)
what
- add ipc_mode
- add pid_mode
why
- support host level access for monitoring processes
v0.70.0
fix external task definition must exist before first run @mightyguava (#204)
what
Change external task definition to a list(string) so that it can be flagged on without needing the task definition to already exist.
why
Fix this issue when using an external task definition
│ 49: count = local.enabled && var.task_definition == null ? 1 : 0
│
│ The "count" value depends on resource attributes that cannot be determined
│ until apply, so Terraform cannot predict how many instances will be
│ created. To work around this, use the -target argument to first apply only
│ the resources that the count depends on.
references
Similar to how this was solved for the task role arn https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/blob/main/variables.tf#L216-L226. The workaround for now is to use -target like mentioned in #123.
Sync github @max-lobur (#199)
Sync github from the template
v0.69.0
- No changes
v0.68.0
Accept map or list for policy arns @Nuru (#198)
what
- Accept both map (
task_policy_arns_map,task_exec_policy_arns_map) and list (task_policy_arns,task_exec_policy_arns) inputs for policy ARNs. Supersedes and closes #196. - Add
depends_onforecs_serviceresource toaws_iam_role_policy.ecs_service.
why
History
- Issue #167 is typical behavior when supplying a list of inputs to convert into resources. The solution to it is to provide a map of resources, so that changes are limited to what is necessary according to the change in inputs. Adding to or removing from the list, or changing the order of the list, no longer affects the list items that did not change, because each item is now referenced by the key in the map rather than its index in the list.
- PR #178 tried to fix #167 by using the input values as keys. However, this created issue #191, because the values (IAM Policy ARNs) are generated by the
terraform applyand are therefore not known atplantime, which is a requirement. - PR #194 fixed #198, but re-introduced #167, because it simply replaced the implicit "list index as key" with an explicit one in the case of list inputs.
- PR #195 used the values as keys, but this just recreated #191, so it was abandoned
- PR #196 used a little-used provider that tries to let us have it both ways: it gives us #167 if the values are unknown at plan time but works well if the values are known at plan time. Unfortunately, this can render a plan non-deterministic. Even more importantly, it does not give a user whose values are unknown at plan time a way to avoid #167.
This Solution
With the solution provided by this PR, any user can avoid #167 by providing a map whose keys are known at plan time, regardless of whether the values are known at plan time. Policy ARNs could be labeled by name, purpose, region, or whatever the user wants to avoid #167. Or, if the user doesn't care about #167, perhaps because they are only supplying a single Policy ARN, then they can just supply it in a list.
v0.67.1
🚀 Enhancements
Use map for task & task exec policy arns variables @joe-niland (#194)
what
- Replaced variables
task_policy_arnsandtask_exec_policy_arnswithtask_policy_arns_mapandtask_exec_policy_arns_maprespectively - Existing variables were moved to
variables-deprecated.tfand values will be internally converted to a map if variables are defined
why
- The for_each change implemented in https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/commit/14008fc2491eb31b03567ea98e319e90340546d6 has the potential to cause the Terraform '"for_each" value depends on resource attributes that cannot be determined until apply' error.
- Modifying this input to use a map can circumvent this error
references
- closes #191
v0.67.0
Add option to trigger a redeployment on apply @joe-niland (#193)
what
- Adds a variable to enable/disable triggering a new ECS service deployment on apply.
why
- In aws provider v4.40.0 an option was added to allow triggering a new ECS service deployment on apply.
- This is useful so the service can be updated to the latest service/task configuration without needing to take additional steps are applying the Terraform config.
references
- None
v0.66.4
🚀 Enhancements
Task Role uses for-each instead of count @Benbentwo (#178)
what
- task role uses for each
why
- fixes: #167
Note:
The outputs had to be changed to output a map as a single string, hence why they look complex, it's to keep backwards compatibility
🐛 Bug Fixes
Task Role uses for-each instead of count @Benbentwo (#178)
what
- task role uses for each
why
- fixes: #167
Note:
The outputs had to be changed to output a map as a single string, hence why they look complex, it's to keep backwards compatibility
v0.66.3
🚀 Enhancements
make `host_path` optional for fargate @Benbentwo (#176)
what
- Sets
host_pathas optional in bind_mount_volumes for fargate which it cannot be specified
why
- Fargate Volumes
references
- Closes #174
v0.66.2
Adding support for bind mount volume types @bfox1793 (#173)
what
- Adding support for a basic bind_mount volume type for tasks
why
- This is a supported feature of ECS. This update adds that support into the terraform module
references
- closes #172
🤖 Automatic Updates
Update README.md and docs @cloudpossebot (#171)
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
v0.66.1
🚀 Enhancements
Set bool inputs to type bool @nitrocode (#170)
what
- set bool type on applicable inputs
- bumped test version to latest in example module
why
ecs_service_enabledusedstringinstead ofbooltype
references
- Previous PR https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/pull/169
- Previous PR https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/pull/162
command
terraform plan -var "ecs_service_enabled=false" -var-file=fixtures.us-east-2.tfvars
### aws_ecs_cluster.default will be created
+ resource "aws_ecs_cluster" "default" {
+ arn = (known after apply)
+ capacity_providers = (known after apply)
+ id = (known after apply)
+ name = "eg-test-ecs-alb-service-task"
+ tags = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ default_capacity_provider_strategy {
+ base = (known after apply)
+ capacity_provider = (known after apply)
+ weight = (known after apply)
}
+ setting {
+ name = (known after apply)
+ value = (known after apply)
}
}
### module.ecs_alb_service_task.aws_ecs_task_definition.default[0] will be created
+ resource "aws_ecs_task_definition" "default" {
+ arn = (known after apply)
+ container_definitions = jsonencode(
[
+ {
+ cpu = 256
+ environment = [
+ {
+ name = "false_boolean_var"
+ value = "false"
},
+ {
+ name = "integer_var"
+ value = "42"
},
+ {
+ name = "string_var"
+ value = "I am a string"
},
+ {
+ name = "true_boolean_var"
+ value = "true"
},
]
+ essential = true
+ image = "cloudposse/geodesic"
+ memory = 256
+ memoryReservation = 128
+ mountPoints = []
+ name = "geodesic"
+ portMappings = [
+ {
+ containerPort = 80
+ hostPort = 80
+ protocol = "tcp"
},
+ {
+ containerPort = 443
+ hostPort = 443
+ protocol = "udp"
},
]
+ readonlyRootFilesystem = false
+ volumesFrom = []
},
]
)
+ cpu = "256"
+ execution_role_arn = (known after apply)
+ family = "eg-test-ecs-alb-service-task"
+ id = (known after apply)
+ memory = "512"
+ network_mode = "awsvpc"
+ requires_compatibilities = [
+ "FARGATE",
]
+ revision = (known after apply)
+ skip_destroy = false
+ tags = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ task_role_arn = (known after apply)
}
### module.ecs_alb_service_task.aws_iam_role.ecs_exec[0] will be created
+ resource "aws_iam_role" "ecs_exec" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ecs-tasks.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "eg-test-ecs-alb-service-task-exec"
+ name_prefix = (known after apply)
+ path = "/"
+ tags = {
+ "Attributes" = "exec"
+ "Name" = "eg-test-ecs-alb-service-task-exec"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Attributes" = "exec"
+ "Name" = "eg-test-ecs-alb-service-task-exec"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ unique_id = (known after apply)
+ inline_policy {
+ name = (known after apply)
+ policy = (known after apply)
}
}
### module.ecs_alb_service_task.aws_iam_role.ecs_task[0] will be created
+ resource "aws_iam_role" "ecs_task" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ecs-tasks.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "eg-test-ecs-alb-service-task-task"
+ name_prefix = (known after apply)
+ path = "/"
+ tags = {
+ "Attributes" = "task"
+ "Name" = "eg-test-ecs-alb-service-task-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Attributes" = "task"
+ "Name" = "eg-test-ecs-alb-service-task-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ unique_id = (known after apply)
+ inline_policy {
+ name = (known after apply)
+ policy = (known after apply)
}
}
### module.ecs_alb_service_task.aws_iam_role_policy.ecs_exec[0] will be created
+ resource "aws_iam_role_policy" "ecs_exec" {
+ id = (known after apply)
+ name = "eg-test-ecs-alb-service-task-exec"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "ssm:GetParameters",
+ "logs:PutLogEvents",
+ "logs:CreateLogStream",
+ "logs:CreateLogGroup",
+ "ecr:GetDownloadUrlForLayer",
+ "ecr:GetAuthorizationToken",
+ "ecr:BatchGetImage",
+ "ecr:BatchCheckLayerAvailability",
]
+ Effect = "Allow"
+ Resource = "*"
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ role = (known after apply)
}
### module.ecs_alb_service_task.aws_security_group.ecs_service[0] will be created
+ resource "aws_security_group" "ecs_service" {
+ arn = (known after apply)
+ description = "Allow ALL egress from ECS service"
+ egress = (known after apply)
+ id = (known after apply)
+ ingress = (known after apply)
+ name = "eg-test-ecs-alb-service-task-service"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Attributes" = "service"
+ "Name" = "eg-test-ecs-alb-service-task-service"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Attributes" = "service"
+ "Name" = "eg-test-ecs-alb-service-task-service"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ vpc_id = (known after apply)
}
### module.ecs_alb_service_task.aws_security_group_rule.allow_all_egress[0] will be created
+ resource "aws_security_group_rule" "allow_all_egress" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "Allow all outbound traffic to any IPv4 address"
+ from_port = 0
+ id = (known after apply)
+ protocol = "-1"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 0
+ type = "egress"
}
### module.subnets.data.aws_vpc.default[0] will be read during apply
### (config refers to values not yet known)
<= data "aws_vpc" "default" {
+ arn = (known after apply)
+ cidr_block = (known after apply)
+ cidr_block_associations = (known after apply)
+ default = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = (known after apply)
+ enable_dns_support = (known after apply)
+ id = (known after apply)
+ instance_tenancy = (known after apply)
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ state = (known after apply)
+ tags = (known after apply)
+ timeouts {
+ read = (known after apply)
}
}
### module.subnets.aws_eip.default[0] will be created
+ resource "aws_eip" "default" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc = true
}
### module.subnets.aws_eip.default[1] will be created
+ resource "aws_eip" "default" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc = true
}
### module.subnets.aws_nat_gateway.default[0] will be created
+ resource "aws_nat_gateway" "default" {
+ allocation_id = (known after apply)
+ connectivity_type = "public"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Attributes" = "nat"
+ "Name" = "eg-test-ecs-alb-service-task-nat-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Attributes" = "nat"
+ "Name" = "eg-test-ecs-alb-service-task-nat-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
}
### module.subnets.aws_nat_gateway.default[1] will be created
+ resource "aws_nat_gateway" "default" {
+ allocation_id = (known after apply)
+ connectivity_type = "public"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Attributes" = "nat"
+ "Name" = "eg-test-ecs-alb-service-task-nat-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Attributes" = "nat"
+ "Name" = "eg-test-ecs-alb-service-task-nat-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
}
### module.subnets.aws_network_acl.private[0] will be created
+ resource "aws_network_acl" "private" {
+ arn = (known after apply)
+ egress = [
+ {
+ action = "allow"
+ cidr_block = "0.0.0.0/0"
+ from_port = 0
+ icmp_code = null
+ icmp_type = null
+ ipv6_cidr_block = ""
+ protocol = "-1"
+ rule_no = 100
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ action = "allow"
+ cidr_block = "0.0.0.0/0"
+ from_port = 0
+ icmp_code = null
+ icmp_type = null
+ ipv6_cidr_block = ""
+ protocol = "-1"
+ rule_no = 100
+ to_port = 0
},
]
+ owner_id = (known after apply)
+ subnet_ids = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_network_acl.public[0] will be created
+ resource "aws_network_acl" "public" {
+ arn = (known after apply)
+ egress = [
+ {
+ action = "allow"
+ cidr_block = "0.0.0.0/0"
+ from_port = 0
+ icmp_code = null
+ icmp_type = null
+ ipv6_cidr_block = ""
+ protocol = "-1"
+ rule_no = 100
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ action = "allow"
+ cidr_block = "0.0.0.0/0"
+ from_port = 0
+ icmp_code = null
+ icmp_type = null
+ ipv6_cidr_block = ""
+ protocol = "-1"
+ rule_no = 100
+ to_port = 0
},
]
+ owner_id = (known after apply)
+ subnet_ids = (known after apply)
+ tags = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ tags_all = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_route.default[0] will be created
+ resource "aws_route" "default" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "2m"
+ delete = "5m"
}
}
### module.subnets.aws_route.default[1] will be created
+ resource "aws_route" "default" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "2m"
+ delete = "5m"
}
}
### module.subnets.aws_route.public[0] will be created
+ resource "aws_route" "public" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
+ timeouts {
+ create = "2m"
+ delete = "5m"
}
}
### module.subnets.aws_route_table.private[0] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_route_table.private[1] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_route_table.public[0] will be created
+ resource "aws_route_table" "public" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ tags_all = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_route_table_association.private[0] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
### module.subnets.aws_route_table_association.private[1] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
### module.subnets.aws_route_table_association.public[0] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
### module.subnets.aws_route_table_association.public[1] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
### module.subnets.aws_subnet.private[0] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.0.0/19"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_subnet.private[1] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2b"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.32.0/19"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ tags_all = {
+ "Attributes" = "private"
+ "Name" = "eg-test-ecs-alb-service-task-private-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "private"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_subnet.public[0] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.96.0/19"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ tags_all = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public-use2a"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ vpc_id = (known after apply)
}
### module.subnets.aws_subnet.public[1] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-2b"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.16.128.0/19"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ tags_all = {
+ "Attributes" = "public"
+ "Name" = "eg-test-ecs-alb-service-task-public-use2b"
+ "Namespace" = "eg"
+ "Stage" = "test"
+ "cpco.io/subnet/type" = "public"
}
+ vpc_id = (known after apply)
}
### module.vpc.aws_default_security_group.default[0] will be created
+ resource "aws_default_security_group" "default" {
+ arn = (known after apply)
+ description = (known after apply)
+ egress = (known after apply)
+ id = (known after apply)
+ ingress = (known after apply)
+ name = (known after apply)
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "Default Security Group"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Name" = "Default Security Group"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ vpc_id = (known after apply)
}
### module.vpc.aws_internet_gateway.default[0] will be created
+ resource "aws_internet_gateway" "default" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ vpc_id = (known after apply)
}
### module.vpc.aws_vpc.default[0] will be created
+ resource "aws_vpc" "default" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = true
+ cidr_block = "172.16.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = false
+ enable_classiclink_dns_support = false
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
+ tags_all = {
+ "Name" = "eg-test-ecs-alb-service-task"
+ "Namespace" = "eg"
+ "Stage" = "test"
}
}
Plan: 30 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ container_definition_json = jsonencode(
[
+ {
+ cpu = 256
+ environment = [
+ {
+ name = "false_boolean_var"
+ value = "false"
},
+ {
+ name = "integer_var"
+ value = "42"
},
+ {
+ name = "string_var"
+ value = "I am a string"
},
+ {
+ name = "true_boolean_var"
+ value = "true"
},
]
+ essential = true
+ image = "cloudposse/geodesic"
+ memory = 256
+ memoryReservation = 128
+ mountPoints = []
+ name = "geodesic"
+ portMappings = [
+ {
+ containerPort = 80
+ hostPort = 80
+ protocol = "tcp"
},
+ {
+ containerPort = 443
+ hostPort = 443
+ protocol = "udp"
},
]
+ readonlyRootFilesystem = false
+ volumesFrom = []
},
]
)
+ container_definition_json_map = jsonencode(
{
+ cpu = 256
+ environment = [
+ {
+ name = "false_boolean_var"
+ value = "false"
},
+ {
+ name = "integer_var"
+ value = "42"
},
+ {
+ name = "string_var"
+ value = "I am a string"
},
+ {
+ name = "true_boolean_var"
+ value = "true"
},
]
+ essential = true
+ image = "cloudposse/geodesic"
+ memory = 256
+ memoryReservation = 128
+ mountPoints = []
+ name = "geodesic"
+ portMappings = [
+ {
+ containerPort = 80
+ hostPort = 80
+ protocol = "tcp"
},
+ {
+ containerPort = 443
+ hostPort = 443
+ protocol = "udp"
},
]
+ readonlyRootFilesystem = false
+ volumesFrom = []
}
)
+ ecs_cluster_arn = (known after apply)
+ ecs_cluster_id = (known after apply)
+ ecs_exec_role_policy_id = (known after apply)
+ ecs_exec_role_policy_name = "eg-test-ecs-alb-service-task-exec"
+ private_subnet_cidrs = [
+ "172.16.0.0/19",
+ "172.16.32.0/19",
]
+ public_subnet_cidrs = [
+ "172.16.96.0/19",
+ "172.16.128.0/19",
]
+ service_security_group_id = (known after apply)
+ task_definition_family = "eg-test-ecs-alb-service-task"
+ task_definition_revision = (known after apply)
+ task_exec_role_arn = (known after apply)
+ task_exec_role_name = "eg-test-ecs-alb-service-task-exec"
+ task_role_arn = (known after apply)
+ task_role_id = (known after apply)
+ task_role_name = "eg-test-ecs-alb-service-task-task"
+ vpc_cidr = "172.16.0.0/16"
╷
│ Warning: Argument is deprecated
│
│ with module.subnets.aws_route.nat_instance,
│ on .terraform/modules/subnets/nat-instance.tf line 130, in resource "aws_route" "nat_instance":
│ 130: instance_id = element(aws_instance.nat_instance.*.id, count.index)
│
│ Use network_interface_id instead
v0.66.0
Add ecs_service_enabled @nitrocode (#169)
what
- Add ecs_service_enabled
why
- Create all the underlying resources but skip the ecs service. This is useful when creating a run-once task such as for db migrations.
references
N/A
v0.65.0
BUG | Support Dynamic deployment_circuit_breaker for CODE_DEPLOY @lgants (#165)
what
- The
deployment_circuit_breakeroption is now a dynamic block with a conditional for thedeployment_controller_typevalue
why
- This PR fixes an issue when using
CODE_DEPLOYdeployment_circuit_breakeroption. - Previously, the
deployment_circuit_breakerwas always included as part of the module. However, the AWS DeploymentCircuitBreaker documentation states":
The deployment circuit breaker can only be used for services using the rolling update (ECS) deployment type that aren't behind a Classic Load Balancer.
Consequently, when using CODE_DEPLOY for deployment_circuit_breaker with this module, the state is consistently out of sync with the remote, which attempts to sync with the remote on every update.
references
- AWS DeploymentCircuitBreaker documentation: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentCircuitBreaker.html
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}
Edited/Blocked Notification
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠️ Warning: custom changes will be lost.