diff --git a/aws_fargate/alb.tf b/aws_fargate/alb.tf index 37d8f4d..b3d7c9f 100644 --- a/aws_fargate/alb.tf +++ b/aws_fargate/alb.tf @@ -1,6 +1,6 @@ resource "aws_lb_target_group" "api_lb_target" { - name = "my-api" - port = 3000 + name = "${var.project}-target-group" + port = var.service_port protocol = "HTTP" target_type = "ip" vpc_id = aws_vpc.app_vpc.id diff --git a/aws_fargate/ecs.tf b/aws_fargate/ecs.tf index 1a75ed6..5f12f05 100644 --- a/aws_fargate/ecs.tf +++ b/aws_fargate/ecs.tf @@ -1,20 +1,16 @@ -locals { - api_name = "${var.project}-api" -} - resource "aws_ecs_cluster" "my_cluster" { - name = "my_cluster" + name = "${var.project}_cluster" } resource "aws_ecs_service" "api_ecs" { - name = local.api_name + name = var.api_name task_definition = aws_ecs_task_definition.api_task.arn cluster = aws_ecs_cluster.my_cluster.id launch_type = "FARGATE" load_balancer { target_group_arn = aws_lb_target_group.api_lb_target.arn - container_name = local.api_name - container_port = "3000" + container_name = var.api_name + container_port = "${var.service_port}" } desired_count = 1 network_configuration { @@ -28,7 +24,7 @@ resource "aws_ecs_service" "api_ecs" { } resource "aws_ecs_task_definition" "api_task" { - family = local.api_name + family = var.api_name execution_role_arn = aws_iam_role.api_exec_role.arn cpu = 256 memory = 512 @@ -36,18 +32,18 @@ resource "aws_ecs_task_definition" "api_task" { network_mode = "awsvpc" container_definitions = jsonencode([{ - name: "${local.api_name}", - image: "${var.container_image}", + name : "${var.api_name}", + image : "${var.container_image}", portMappings : [ { - containerPort : 3000 + containerPort : var.service_port } ], logConfiguration : { logDriver : "awslogs", options : { awslogs-region : "${var.region}", - awslogs-group : "/ecs/${local.api_name}", + awslogs-group : "/ecs/${var.api_name}", awslogs-stream-prefix : "ecs" } } 
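Review bot: The new `name = "${var.project}-target-group"` in `aws_lb_target_group.api_lb_target` can break the target group name limit of 32 characters (letters, digits and hyphens only) once `var.project` is longer than 19 characters or contains an underscore, and the failure would only surface at apply time. A `validation` block on `variable "project"` would catch this at plan time; at minimum add a comment next to the variable such as `# <= 19 chars, [A-Za-z0-9-] only: used in the target group name`. Renaming the target group also forces its replacement, so if a listener references it (none is visible in this hunk) `lifecycle { create_before_destroy = true }` may be needed.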
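Review bot: In the `load_balancer` block of `aws_ecs_service.api_ecs`, `container_port = "${var.service_port}"` wraps a bare reference in a string template, which turns the number into a string and relies on implicit conversion back; write `container_port = var.service_port`. The same interpolation-only form appears in the `container_definitions` hunk of this file (`name : "${var.api_name}"`, `image : "${var.container_image}"`), where `name : var.api_name` and `image : var.container_image` read more directly. Separately, replacing `local.api_name` with `var.api_name` means the service name no longer follows `var.project`, so both must now be overridden together to keep names aligned.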
@@ -55,5 +51,5 @@ resource "aws_ecs_task_definition" "api_task" { } resource "aws_cloudwatch_log_group" "log_group" { - name = "/ecs/${local.api_name}" + name = "/ecs/${var.api_name}" } diff --git a/aws_fargate/iam.tf b/aws_fargate/iam.tf index 432953c..68c20e0 100644 --- a/aws_fargate/iam.tf +++ b/aws_fargate/iam.tf @@ -29,13 +29,12 @@ data "aws_iam_policy_document" "ecs_exec_policy_statement" { } } -data "aws_iam_policy" "ecs_exec_policy" { -# name = "${var.project}-ecs_exec_policy" -# policy = data.aws_iam_policy_document.ecs_exec_policy_statement.json -# } - arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" +resource "aws_iam_policy" "ecs_exec_policy" { + name = "${var.project}-ecs_exec_policy" + policy = data.aws_iam_policy_document.ecs_exec_policy_statement.json } + resource "aws_iam_role_policy_attachment" "ecs_exec_iam_attach_rules" { role = aws_iam_role.api_exec_role.name - policy_arn = data.aws_iam_policy.ecs_exec_policy.arn + policy_arn = aws_iam_policy.ecs_exec_policy.arn } diff --git a/aws_fargate/network.tf b/aws_fargate/network.tf index a79e661..8b62a57 100644 --- a/aws_fargate/network.tf +++ b/aws_fargate/network.tf @@ -114,8 +114,8 @@ resource "aws_security_group" "ingress_api" { description = "Allow ingress to API" vpc_id = aws_vpc.app_vpc.id ingress { - from_port = 3000 - to_port = 3000 + from_port = var.service_port + to_port = var.service_port protocol = "TCP" cidr_blocks = ["0.0.0.0/0"] } diff --git a/aws_fargate/variables.tf b/aws_fargate/variables.tf index 0217983..d925001 100644 --- a/aws_fargate/variables.tf +++ b/aws_fargate/variables.tf 
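Review bot: With the AWS-managed `AmazonECSTaskExecutionRolePolicy` attachment replaced by `resource "aws_iam_policy" "ecs_exec_policy"`, the document `ecs_exec_policy_statement` becomes the only source of the execution role's permissions, and nothing here records what it must contain. Its statements sit above this hunk and are not visible, so confirm that actions and resources are scoped to what the task needs rather than `*`. I would add a comment above the resource, for example `# Replaces AmazonECSTaskExecutionRolePolicy: needs logs:CreateLogStream and logs:PutLogEvents on the /ecs/${var.api_name} log group, plus ECR pull actions if the image moves to ECR`. A `description` argument on the policy would also help whoever audits the account later.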
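Review bot: The `ingress` rule in `aws_security_group.ingress_api` keeps `cidr_blocks = ["0.0.0.0/0"]` while the port becomes caller-supplied, so whatever value `var.service_port` takes is opened to the whole internet. If this group is attached to the Fargate tasks rather than to the load balancer (the attachment is outside the hunk), the rule should admit only the load balancer, e.g. `security_groups = [aws_security_group.<alb_security_group>.id]` in place of the CIDR list, where the resource name is a placeholder for the ALB's group. If it is the ALB's own group, a comment such as `# public listener: world-open by design` would make the intent explicit. The resource body continues past the end of the hunk.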
@@ -10,13 +10,25 @@ variable "project" { default = "template" } +variable "api_name" { + default = "template-api" +} + variable "container_image" { default = "mohitmutha/simplefastifyservice" } +variable "container_port" { + default = 3000 +} + +variable "service_port" { + default = 3000 +} + variable "zones" { type = set(string) - default = [ + default = [ "ap-southeast-2a", "ap-southeast-2b", "ap-southeast-2c",
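Review bot: `variable "container_port"` is added here, but every other hunk in the commit reads `var.service_port` (target group, service `container_port`, `containerPort`, security-group ingress), so it appears unused and can silently drift from the port actually served. Either remove it or use it for `containerPort`. None of the three new variables declares a `type` or `description`, and `service_port` ends up in a security-group rule, so a typed and range-checked declaration is worth the few extra lines. `api_name` defaulting to the literal `"template-api"` also no longer tracks `var.project` the way the removed local did.

```hcl
variable "service_port" {
  description = "TCP port the API container listens on; also used for the target group and ingress rule"
  type        = number
  default     = 3000

  validation {
    condition     = var.service_port >= 1 && var.service_port <= 65535
    error_message = "service_port must be a TCP port between 1 and 65535."
  }
}
```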