Terraform module to set up ECS Fargate or ECS EC2.
New variable "launch_type" can be "FARGATE" or "EC2".
```hcl
module "ecs" {
  source = "github.com/lean-delivery/tf-module-aws-ecs"

  project     = "Project"
  environment = "dev"
  service     = "service-name"

  vpc_id             = "vpc-eizox8ea"
  subnets            = ["subnet-sait0aiw", "subnet-op8phee4", "subnet-eego9xoo"]
  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  alb_target_group_arn = "arn:aws:elasticloadbalancing:< region >:< account ID >:targetgroup/< target group name >/< target group id >"
  container_port       = "80"

  # JSON array of container definitions for the task
  container_definitions = <<EOF
[
  {
    "name": "first",
    "image": "service-first",
    "cpu": 10,
    "memory": 512,
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "hostPort": 80
      }
    ]
  }
]
EOF
}
```
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| alb_target_group_arn | ARN of target group | string | - | yes |
| container_cpu | Amount of CPU used by the task | string | 512 | no |
| container_definitions | Fargate container definition | string | see default value below this table | no |
| container_memory | Amount of memory used by the task | string | 1024 | no |
| container_port | Exposed port in container | string | 80 | no |
| ecs_cluster_id | ID of an existing ECS cluster (to attach the service etc. to an existing cluster) | string | none | no |
| environment | Environment name is used to identify resources | string | env | no |
| health_check_grace_period_seconds | Seconds to ignore failing load balancer health checks on newly instantiated tasks | string | 30 | no |
| project | Project name is used to identify resources | string | test | no |
| service | Service name (will be used as family name in task definition) | string | SuperService | no |
| subnets | List of subnets where to run ECS Service | list | - | yes |
| tags | Additional tags for all resources | map | `<map>` | no |
| task_role_arn | ARN of IAM role that should be passed into container to access AWS resources from it | string | `` | no |
| use_existant_cluster | Boolean flag to declare usage of an existing ECS cluster | string | false | no |
| instance_type | Instance type of nodes for ECS with "EC2" launch type | string | t2.small | no |
| launch_type | Launch type for ECS (FARGATE or EC2) | string | FARGATE | no |
| volume_type | Volume type for EC2 | string | standard | no |
| volume_size | Volume size for EC2 | string | 100 | no |
| autoscaling_min_capacity | Minimum number of running tasks or EC2 instances | string | 1 | no |
| autoscaling_max_capacity | Maximum number of running tasks or EC2 instances | string | 10 | no |
| autoscaling_cpu_high_threshold | Autoscaling CPU threshold for scale-up | string | 50 | no |
| autoscaling_cpu_low_threshold | Autoscaling CPU threshold for scale-down | string | 40 | no |
| availability_zones | List of availability zones which will be provisioned by the autoscaling group | list | [] | yes |
| vpc_id | The ID of VPC | string | - | yes |
| create_security_group | Whether to create its own security group for the service | string | true | no |
| security_groups | List of existing security groups to be reused if create_security_group is false | list | [] | no |
| assign_public_ip | Whether to assign a public IP to the task | string | false | no |
| use_fargate_spot | Whether to use Spot tasks in Fargate | string | false | no |
```json
[
  {
    "name": "SuperService-env",
    "cpu": 512,
    "memory": 512,
    "image": "nginx:alpine",
    "essential": true,
    "portMappings": [
      {
        "containerPort": 80,
        "hostPort": 80
      }
    ]
  }
]
```
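Added example, not part of the module's README: the network-exposure inputs from the table above (`create_security_group`, `security_groups`, `assign_public_ip`) used together so that tasks are reachable only from the load balancer. `var.alb_security_group_id`, the `aws_security_group.service` resource and its name are assumptions, the IDs are the README's sample values, `container_definitions` is left at its default, and Terraform 0.12+ expression syntax is assumed.

```hcl
# Added example (not from the module's README). Assumes Terraform 0.12+ syntax.
# Hypothetical names: var.alb_security_group_id, aws_security_group.service.

variable "alb_security_group_id" {
  description = "Security group of the ALB that fronts the target group"
  type        = string
}

# Tasks accept traffic only from the ALB, and only on the container port.
resource "aws_security_group" "service" {
  name        = "project-dev-service-name" # constructed name
  description = "ECS tasks: ingress from ALB only"
  vpc_id      = "vpc-eizox8ea"

  ingress {
    description     = "container_port from the ALB"
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [var.alb_security_group_id]
  }

  # Outbound HTTPS for image pulls and AWS APIs. Without a public IP the
  # subnets need a NAT gateway or VPC endpoints for this to succeed.
  egress {
    description = "HTTPS out"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

module "ecs" {
  source               = "github.com/lean-delivery/tf-module-aws-ecs"
  project              = "Project"
  environment          = "dev"
  service              = "service-name"
  launch_type          = "FARGATE"
  vpc_id               = "vpc-eizox8ea"
  subnets              = ["subnet-sait0aiw", "subnet-op8phee4", "subnet-eego9xoo"]
  availability_zones   = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  alb_target_group_arn = "arn:aws:elasticloadbalancing:< region >:< account ID >:targetgroup/< target group name >/< target group id >"
  container_port       = "80"

  create_security_group = "false"                         # module does not create its own group
  security_groups       = [aws_security_group.service.id] # reuse the group defined above
  assign_public_ip      = "false"                         # tasks keep private addresses only
}
```

The README does not list the rules of the security group the module creates when `create_security_group` is left at `true`, so review that group in the plan output before relying on it.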
| Name | Description |
|------|-------------|
| ecs_cluster_arn | ECS cluster ARN |
| ecs_cluster_id | ECS cluster ID |
| ecs_cluster_name | ECS cluster name |
| ecs_service_iam_role_arn | ARN of created ECS service |
| ecs_service_iam_role_name | Name of IAM role that is attached to ECS service |
| ecs_task_execution_container_cpu | Amount of CPU used by the task |
| ecs_task_execution_container_memory | Amount of memory used by the task |
| ecs_task_execution_iam_role_arn | ARN of IAM role that is attached to ECS task execution |
| ecs_task_execution_iam_role_name | Name of IAM role that is attached to ECS task execution |
| security_group_description | The description of the security group. |
| security_group_id | The ID of the security group. |
| security_group_name | The name of the security group. |
| security_group_owner_id | The owner ID. |
| security_group_vpc_id | The VPC ID. |
Apache 2.0 Licensed. See LICENSE for full details.