Skip to content

Releases: Advanon/terraform-aws-airship-ecs-service

More permissive policies

29 Jun 21:20
@bsAdvanon bsAdvanon
1.1.0
a5e2f73
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
More permissive policies Latest
Latest 
1.1.0

Enable more permissive (read-only) IAM permissions for ECS Task exec …
Assets 2
Loading

Get SSM params-by-path, replace CD mod, add SG, update IAM

24 Jun 06:45
@bsAdvanon bsAdvanon
1.0.0
8eb1af3
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Get SSM params-by-path, replace CD mod, add SG, update IAM 
Add SSM get-by-path support, update IAM, CD mods, add SG (#1)

1) the container definition internal (sub-)module has been replaced with `cloudposse/ecs-container-definition/aws` - additional input vars have been added.
2) an `external` data source/provider is being used with a script to fetch all SSM parameters matching a path and pass them via a `null_resource` as secrets to the container definition
3) The Task Execution Role is now used by both EC2 and Fargate `launch_type`. The execution role incl. ECR permissions
4) Non-secret(SSM-based) environment variables can be passed as a list of maps to `container_envvars`
5) ECS service tasks have their own security group which allows all VPC traffic ingress, and egress to `0.0.0.0/0`, `concat` with a list provided as `awsvpc_security_group_ids`
6) Adds a `aws_vpc` data source based on the name provided as a (mandatory) input
Assets 2
Loading