Working parametrized fargate ecs template

aws_fargate/alb.tf

@@ -34,7 +34,3 @@ resource "aws_alb_listener" "api_http_listener" {
     target_group_arn = aws_lb_target_group.api_lb_target.arn
   }
 }
-
-output "alb_url" {
-  value = "http://${aws_alb.api_lb.dns_name}"
-}

aws_fargate/ecs.tf

@@ -35,25 +35,23 @@ resource "aws_ecs_task_definition" "api_task" {
   requires_compatibilities = ["FARGATE"]
   network_mode             = "awsvpc"
 
-  container_definitions = jsonencode([
+  container_definitions = jsonencode([{
+    name: "${local.api_name}",
+    image: "${var.container_image}",
+    portMappings : [
       {
-      name  = local.api_name,
-      image = var.container_image,
-      portMappings = [
-        {
-          containerPort = 3000
+        containerPort : 3000
       }
     ],
-      logConfiguration = {
-        logDriver = "awslogs",
-        options = {
-          awslogs-region        = var.region,
-          awslogs-group         = "/ecs/${local.api_name}",
-          awslogs-stream-prefix = "ecs"
-        }
+    logConfiguration : {
+      logDriver : "awslogs",
+      options : {
+        awslogs-region : "${var.region}",
+        awslogs-group : "/ecs/${local.api_name}",
+        awslogs-stream-prefix : "ecs"
       }
     }
-  ])
+  }])
 }
 
 resource "aws_cloudwatch_log_group" "log_group" {

aws_fargate/iam.tf

@@ -29,12 +29,13 @@ data "aws_iam_policy_document" "ecs_exec_policy_statement" {
   }
 }
 
-resource "aws_iam_policy" "ecs_exec_policy" {
-  name   = "${var.project}-ecs_exec_policy"
-  policy = data.aws_iam_policy_document.ecs_exec_policy_statement.json
+data "aws_iam_policy" "ecs_exec_policy" {
+#   name   = "${var.project}-ecs_exec_policy"
+#   policy = data.aws_iam_policy_document.ecs_exec_policy_statement.json
+# }
+  arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
 }
-
 resource "aws_iam_role_policy_attachment" "ecs_exec_iam_attach_rules" {
   role       = aws_iam_role.api_exec_role.name
-  policy_arn = aws_iam_policy.ecs_exec_policy.arn
+  policy_arn = data.aws_iam_policy.ecs_exec_policy.arn
 }

aws_fargate/network.tf

@@ -44,12 +44,11 @@ resource "aws_route_table_association" "public_subnet" {
 }
 
 resource "aws_route_table_association" "private_subnet" {
-  subnet_id      = aws_subnet.private_subnet[0].id
+  subnet_id      = aws_subnet.private_subnet[1].id
   route_table_id = aws_route_table.private.id
 }
 
 resource "aws_eip" "nat" {
-  vpc = true
 }
 
 resource "aws_internet_gateway" "igw" {
@@ -57,7 +56,7 @@ resource "aws_internet_gateway" "igw" {
 }
 
 resource "aws_nat_gateway" "ngw" {
-  subnet_id     = aws_subnet.private_subnet[0].id
+  subnet_id     = aws_subnet.public_subnet[0].id
   allocation_id = aws_eip.nat.id
   depends_on    = [aws_internet_gateway.igw]
 }

aws_fargate/outputs.tf

@@ -1,4 +1,3 @@
-# output "ecs-ip" {
-#   description = "ecs-ip"
-#   value = [for s in aws_eip.nat.map : s.public_ip]
-# }
+output "alb_url" {
+  value = "http://${aws_alb.api_lb.dns_name}"
+}

aws_fargate/variables.tf

@@ -11,7 +11,7 @@ variable "project" {
 }
 
 variable "container_image" {
-  default = "ghcr.io/jimmysawczuk/sun-api:latest"
+  default = "mohitmutha/simplefastifyservice"
 }
 
 variable "zones" {
@@ -28,7 +28,7 @@ variable "public_subnets" {
   type        = map(any)
   default = {
     "ap-southeast-2a" = "10.0.1.0/25"
-    "ap-southeast-2b" = "10.0.2.0/25"
+    "ap-southeast-2b" = "10.0.1.128/25"
     "ap-southeast-2c" = "10.0.3.0/25"
   }
 }
@@ -37,7 +37,7 @@ variable "private_subnets" {
   description = "Availability zone for instance associated with ip ranges"
   type        = map(any)
   default = {
-    "ap-southeast-2a" = "10.0.1.128/25"
+    "ap-southeast-2a" = "10.0.2.0/25"
     "ap-southeast-2b" = "10.0.2.128/25"
     "ap-southeast-2c" = "10.0.3.128/25"
   }