infraspecdev/terraform-aws-ecs-deployment

terraform-aws-ecs-deployment

Terraform module to deploy production-ready applications and services on an existing ECS infra.

Architecture Diagram

ECS Deployment Architecture Diagram

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.6.0 |
| aws | ~> 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | ~> 5.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| acm | ./modules/acm | n/a |
| alb | ./modules/alb | n/a |
| capacity_provider | ./modules/capacity-provider | n/a |
| s3_bucket | ./modules/s3-bucket | n/a |

Resources

| Name | Type |
|------|------|
| aws_ecs_service.this | resource |
| aws_ecs_task_definition.this | resource |
| aws_elb_service_account.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| acm_certificates | ACM certificates to create. | `map(object({ domain_name = string, subject_alternative_names = optional(list(string), []), validation_method = optional(string, "DNS"), key_algorithm = optional(string, "RSA_2048"), validation_option = optional(object({ domain_name = string, validation_domain = string })), tags = optional(map(string), {}), record_zone_id = string, record_allow_overwrite = optional(bool, true) }))` | `{}` | no |
| capacity_provider_default_auto_scaling_group_arn | ARN for this Auto Scaling Group. | `string` | `null` | no |
| capacity_providers | Capacity Providers to associate with the ECS Cluster. | `any` | `{}` | no |
| cluster_name | (Required) Name of the cluster. | `string` | n/a | yes |
| create_acm | Creates the ACM certificates to use with the Load Balancer. | `bool` | `false` | no |
| create_alb | Creates a new Application Load Balancer to use with the ECS Service. | `bool` | `true` | no |
| create_capacity_provider | Creates a new Capacity Provider to use with the Autoscaling Group. | `bool` | `true` | no |
| create_s3_bucket_for_alb_logging | (Optional) Creates S3 bucket for storing ALB Access and Connection Logs. | `bool` | `true` | no |
| default_capacity_providers_strategies | (Optional) Set of capacity provider strategies to use by default for the cluster. | `any` | `[]` | no |
| load_balancer | Configuration for the Application Load Balancer. | `object({ name = optional(string), internal = optional(bool, false), subnets_ids = optional(list(string), []), security_groups_ids = optional(list(string), []), preserve_host_header = optional(bool), enable_deletion_protection = optional(bool, false), access_logs = optional(any, null), connection_logs = optional(any, null), target_groups = optional(any, {}), listeners = optional(any, {}), listener_rules = optional(any, {}), tags = optional(map(string), {}) })` | `{}` | no |
| s3_bucket_force_destroy | (Optional, Default:false) Boolean that indicates all objects (including any locked objects) should be deleted from the bucket when the bucket is destroyed so that the bucket can be destroyed without error. | `bool` | `false` | no |
| s3_bucket_name | (Optional, Forces new resource) Name of the bucket. | `string` | `null` | no |
| s3_bucket_policy_id_prefix | (Optional) - Prefix of the ID for the policy document. | `string` | `"ecs-deployment-alb-"` | no |
| s3_bucket_tags | (Optional) Map of tags to assign to the bucket. | `map(string)` | `{}` | no |
| s3_elb_service_account_arn | (Optional, Default:null) ARN of the ELB Service Account. | `string` | `null` | no |
| service | Configuration for ECS Service. | `object({ name = string, deployment_maximum_percent = optional(number), deployment_minimum_healthy_percent = optional(number), desired_count = optional(number), enable_ecs_managed_tags = optional(bool, true), enable_execute_command = optional(bool), force_new_deployment = optional(bool, true), health_check_grace_period_seconds = optional(number), iam_role = optional(string), propagate_tags = optional(string), scheduling_strategy = optional(string), triggers = optional(map(string)), wait_for_steady_state = optional(bool), load_balancer = optional(any, []), network_configuration = optional(any, null), service_connect_configuration = optional(any, null), volume_configuration = optional(any, null), deployment_circuit_breaker = optional(any, null), service_registries = optional(any, null), tags = optional(map(string), {}) })` | n/a | yes |
| task_definition | ECS Task Definition to use for running tasks. | `object({ container_definitions = any, family = string, cpu = optional(string), execution_role_arn = optional(string), ipc_mode = optional(string), memory = optional(string), network_mode = optional(string, "awsvpc"), pid_mode = optional(string), skip_destroy = optional(bool), task_role_arn = optional(string), track_latest = optional(bool), runtime_platform = optional(any, null), volume = optional(any, null), tags = optional(map(string), {}) })` | n/a | yes |
| vpc_id | The ID of the VPC. | `string` | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| acm_certificate_validation_id | Identifiers of the ACM certificates validation resources. |
| acm_certificates_arns | ARNs of the ACM certificates. |
| acm_certificates_ids | Identifiers of the ACM certificates. |
| acm_route53_records_ids | Identifiers of the Route53 Records for validation of the ACM certificates. |
| alb_arn | ARN of the load balancer. |
| alb_dns_name | DNS name of the load balancer. |
| alb_listener_rules_arns | ARNs of the Listener Rules. |
| alb_listener_rules_ids | Identifiers of the Listener Rules. |
| alb_listeners_arns | ARNs of the Listeners. |
| alb_listeners_ids | Identifiers of the Listeners. |
| alb_target_groups_arns | ARNs of the Target Groups. |
| alb_target_groups_ids | Identifiers of the Target Groups. |
| alb_zone_id | Canonical hosted zone ID of the Load Balancer. |
| capacity_provider_arns | ARNs for the ECS Capacity Providers. |
| capacity_provider_ecs_cluster_capacity_providers_id | Identifier for the ECS Cluster Capacity Providers. |
| capacity_provider_ids | Identifiers for the ECS Capacity Providers. |
| ecs_service_arn | ARN that identifies the service. |
| ecs_task_definition_arn | Full ARN of the Task Definition. |
| s3_bucket_arn | ARN of the bucket. |
| s3_bucket_id | Name of the bucket. |