module-base-ecs-cluster
This Terraform module creates an ECS cluster with the necessary configuration,
such as Container Insights, capacity providers, a log group and a discovery namespace.
This module can create a log group and configure it in the ECS cluster with the default configuration.
To do this, set the create_log_group variable to true.

If you do not want the module to create the log group and apply that configuration, you must set the cluster_configuration variable, which accepts the following fields:

- execute_command_configuration - (Optional) The details of the execute command configuration. Detailed below.

execute_command_configuration:

- kms_key_id - (Optional) The AWS Key Management Service key ID to encrypt the data between the local client and the container.
- log_configuration - (Optional) The log configuration for the results of the execute command actions. Required when logging is OVERRIDE. Detailed below.
- logging - (Optional) The log setting to use for redirecting logs for your execute command results. Valid values are NONE, DEFAULT, and OVERRIDE.

log_configuration:

- cloud_watch_encryption_enabled - (Optional) Whether or not to enable encryption on the CloudWatch logs. If not specified, encryption will be disabled.
- cloud_watch_log_group_name - (Optional) The name of the CloudWatch log group to send logs to.
- s3_bucket_name - (Optional) The name of the S3 bucket to send logs to.
- s3_bucket_encryption_enabled - (Optional) Whether or not to enable encryption on the logs sent to S3. If not specified, encryption will be disabled.
- s3_key_prefix - (Optional) An optional folder in the S3 bucket to place logs in.
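
A pre-apply check for the fields listed above, as an added example that is not part of the module: it flags an execute_command_configuration that leaves execute command results unlogged or unencrypted. The function name, the finding texts and the sample values are assumptions made for illustration.

```python
VALID_LOGGING = {"NONE", "DEFAULT", "OVERRIDE"}


def audit_cluster_configuration(cluster_configuration):
    """Return findings for a cluster_configuration dict (e.g. from *.tfvars.json)."""
    findings = []
    exec_cfg = (cluster_configuration or {}).get("execute_command_configuration") or {}
    logging = exec_cfg.get("logging")
    log_cfg = exec_cfg.get("log_configuration") or {}

    if logging is not None and logging not in VALID_LOGGING:
        findings.append(f"logging={logging!r} is not one of NONE, DEFAULT, OVERRIDE")
    if logging == "NONE":
        findings.append("logging=NONE: execute command results are not logged")
    if logging == "OVERRIDE" and not log_cfg:
        findings.append("logging=OVERRIDE requires log_configuration")
    if not exec_cfg.get("kms_key_id"):
        findings.append("kms_key_id is not set: session data is not encrypted with a KMS key")

    # Both encryption flags are treated as disabled when omitted.
    if log_cfg.get("cloud_watch_log_group_name") and not log_cfg.get("cloud_watch_encryption_enabled"):
        findings.append("CloudWatch log encryption is disabled")
    if log_cfg.get("s3_bucket_name") and not log_cfg.get("s3_bucket_encryption_enabled"):
        findings.append("S3 log encryption is disabled")
    if log_cfg.get("s3_key_prefix") and not log_cfg.get("s3_bucket_name"):
        findings.append("s3_key_prefix is set without s3_bucket_name")
    return findings


# Constructed sample inputs; bucket, log group and key values are placeholders.
WEAK = {"execute_command_configuration": {
    "logging": "OVERRIDE",
    "log_configuration": {"s3_bucket_name": "example-exec-logs"},
}}
HARDENED = {"execute_command_configuration": {
    "kms_key_id": "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE",
    "logging": "OVERRIDE",
    "log_configuration": {
        "cloud_watch_encryption_enabled": True,
        "cloud_watch_log_group_name": "/aws/ecs/example",
        "s3_bucket_name": "example-exec-logs",
        "s3_bucket_encryption_enabled": True,
    },
}}

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_cluster_configuration(cfg))
```
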
This module can also create a Discovery Namespace and configure it in the ECS cluster with the default configuration.
To do this, set the create_discovery_namespace variable to true.

Usage example
Basic
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  tags = local.tags
}
```
Basic with containerInsights enabled
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  container_insights = true
  tags = local.tags
}
```
Complete with default_capacity_provider_strategy
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  default_capacity_provider_strategy = [
    {
      capacity_provider = "FARGATE_SPOT"
      weight = 1
      base = 0
    }
  ]
  tags = local.tags
}
```
Complete with default_capacity_provider_strategy and extra_capacity_providers
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  default_capacity_provider_strategy = [
    {
      capacity_provider = "FARGATE"
      weight = 1
      base = 0
    },
    {
      capacity_provider = "FARGATE_SPOT"
      weight = 1
      base = 0
    }
  ]
  extra_capacity_providers = ["TEST"]
  tags = local.tags
}
```
Complete with default_capacity_provider_strategy, extra_capacity_providers, create log group with default and basic configuration and discovery namespace
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  create_discovery_namespace = true
  create_log_group = true
  default_capacity_provider_strategy = [
    {
      capacity_provider = "FARGATE"
      weight = 1
      base = 0
    },
    {
      capacity_provider = "FARGATE_SPOT"
      weight = 1
      base = 0
    }
  ]
  extra_capacity_providers = ["TEST"]
  tags = local.tags
}
```
Complete with default_capacity_provider_strategy, extra_capacity_providers, create log group with custom configuration
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  create_log_group = true
  cluster_configuration = {
    execute_command_configuration = {
      logging = "OVERRIDE"
      log_configuration = {
        cloud_watch_encryption_enabled = true
        s3_bucket_name = "s3-bucket-name"
        s3_bucket_encryption_enabled = true
      }
    }
  }
  default_capacity_provider_strategy = [
    {
      capacity_provider = "FARGATE"
      weight = 1
      base = 0
    },
    {
      capacity_provider = "FARGATE_SPOT"
      weight = 1
      base = 0
    }
  ]
  extra_capacity_providers = ["TEST"]
  tags = local.tags
}
```
Complete with default_capacity_provider_strategy, extra_capacity_providers, a custom execute_command_configuration without creating the log group, a discovery namespace, and containerInsights enabled
```hcl
module "cluster" {
  source = "git::https://gitlab.vectoritcgroup.com/vectordigital/iac/terraform/modules/aws/compute/module-base-ecs-cluster.git?ref=vX.Y.Z"
  prefix = var.prefix
  aws_region = var.aws_region
  name = var.name
  container_insights = true
  create_discovery_namespace = true
  cluster_configuration = {
    execute_command_configuration = {
      logging = "OVERRIDE"
      log_configuration = {
        cloud_watch_encryption_enabled = true
        cloud_watch_log_group_name = "/aws/ecs/aws-ec2"
        s3_bucket_name = "mmm"
        s3_bucket_encryption_enabled = true
      }
    }
  }
  default_capacity_provider_strategy = [
    {
      capacity_provider = "FARGATE"
      weight = 1
      base = 0
    },
    {
      capacity_provider = "FARGATE_SPOT"
      weight = 1
      base = 0
    }
  ]
  extra_capacity_providers = ["TEST"]
  tags = local.tags
}
```
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_region | AWS Region name where the ECS cluster will be deployed | | n/a | yes |
| cluster_configuration | The execute command configuration for the cluster | | | no |
| create_discovery_namespace | Determines whether a service_discovery_namespace is created by this module for the cluster service_connect_defaults | | | no |
| create_log_group | Determines whether a log group is created by this module for the cluster logs. If not, AWS will automatically create one if logging is enabled | | | no |
| | Custom name of CloudWatch Log Group for ECS cluster | | | no |
| default_capacity_provider_strategy | The capacity provider strategy to use by default for the cluster. Can be one or more | | | no |
| | If is | | | no |
| extra_capacity_providers | Allows attaching existing capacity providers to the cluster | | | no |
| | If a KMS Key ARN is set, this key will be used to encrypt the corresponding log group. Please be sure that the KMS Key has an appropriate key policy (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html) | | | no |
| | Number of days to retain log events | | | no |
| name | The name of the ECS cluster (up to 255 letters, numbers, hyphens, and underscores) | | n/a | yes |
| prefix | The prefix to be attached to every resource name | | n/a | yes |
| tags | Specific tags for all module resources | | n/a | yes |