This module creates an opinionated AWS ECS Fargate cluster, VPC, SecurityGroups, RDS, ElastiCache, and ElasticSearch. Resources are created with Spinnaker's naming conventions, and the module is intended to be used in conjunction with synapsestudios/terraform-aws-ecs-deployment or with a fresh Spinnaker pipeline. This module is the core module for any new environment.

| Name | Version |
|---|---|
| terraform | ~> 0.12.29 |
| aws | 3.53 |
| null | ~> 2.1 |
| template | ~> 2.1 |

| Name | Version |
|---|---|
| aws | 3.53 |

| Name | Source | Version |
|---|---|---|
| vpc | terraform-aws-modules/vpc/aws | 3.7 |

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| acm_certificate_arn | ARN of the corresponding ACM SSL to use with the ALB Load Balancer. | string | n/a | yes |
| alb_access_logs_bucket | Name of existing S3 bucket to store ALB access logs. | string | n/a | yes |
| alb_ide_timeout | (Optional) The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60. | number | 60 | no |
| application_name | Name of application. | string | n/a | yes |
| database_apply_immediately | (Optional) Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default is true. | bool | true | no |
| database_backup_retention | Number of days to retain RDS backups. | number | 10 | no |
| database_backup_window | RDS backup window timeframe. | string | "00:00-04:00" | no |
| database_ca_cert | CA Certificate Identifier, example: rds-ca-2019 | string | "rds-ca-2019" | no |
| database_deletion_protection | If true, terraform will not allow database deletion. | bool | true | no |
| database_engine | Database engine to provision. | string | "postgres" | no |
| database_engine_version | Database engine version to provision. | string | "9.6.12" | no |
| database_instance_count | Number of RDS Instances | number | 2 | no |
| database_instance_type | Database Instance Type. | string | "db.t2.micro" | no |
| database_log_types | List of database log types to export to CloudWatch. Options: alert, audit, error, general, listener, slowquery, trace, postgresql, upgrade | list | [] | no |
| database_monitoring_interval | (Optional) The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. | number | 0 | no |
| database_multi_az | (Optional) Specifies if the RDS instance is multi-AZ | bool | false | no |
| database_name | Name of the RDS Database. | string | n/a | yes |
| database_password | Password for the RDS database. | string | n/a | yes |
| database_public_cidrs | List of CIDR blocks allowed to connect to database when public access is enabled | list(string) | [] | no |
| database_publicly_accessible | (Optional) Bool to control if instance is publicly accessible. Default is false. | bool | false | no |
| database_skip_final_snapshot | If true, a database snapshot will NOT be performed before destruction. | bool | true | no |
| database_storage_encrypted | (Optional) Specifies whether the DB instance is encrypted. | bool | false | no |
| database_storage_size | Storage size in gigabytes to allocate for RDS instances. | number | 10 | no |
| database_storage_type | EC2 Storage type to use with RDS instances. | string | "gp2" | no |
| database_username | Username for the RDS database. | string | n/a | yes |
| disable_db | If true, this setting will prevent this module from creating an RDS database | bool | false | no |
| dns_zone | Name of the DNS zone to use with this deployment. | string | n/a | yes |
| environment_name | Name of environment. | string | n/a | yes |
| es_availability_zone_count | (Optional) Number of Availability Zones for the ElasticSearch domain to use with zone_awareness_enabled. Defaults to 2. Valid values: 2 or 3. | number | 2 | no |
| es_dedicated_master_count | (Optional) Number of dedicated master nodes in the ElasticSearch cluster | number | null | no |
| es_dedicated_master_enabled | (Optional) Indicates whether dedicated master nodes are enabled for the ElasticSearch cluster. | bool | null | no |
| es_dedicated_master_type | (Optional) Instance type of the dedicated master nodes in the ElasticSearch cluster. | string | null | no |
| es_instance_count | Number of instances in the ElasticSearch domain. | number | 3 | no |
| es_instance_type | The instance type to use with the ElasticSearch domain. | string | "t2.small.elasticsearch" | no |
| es_snapshot_hour | Hour of day in which the ElasticSearch domain takes a snapshot. | number | 23 | no |
| es_version | The version of Elasticsearch to deploy. Defaults to 1.5 | string | "1.5" | no |
| es_volume_size | Size in GB of the EBS volumes on the ElasticSearch instances. | number | 10 | no |
| es_volume_type | Type of EBS volume to use on the ElasticSearch instances. | string | "gp2" | no |
| es_zone_awareness_enabled | (Optional) Indicates whether zone awareness is enabled on the ElasticSearch domain, set to true for multi-az deployment. To enable awareness with three Availability Zones, the availability_zone_count within the zone_awareness_config must be set to 3. | bool | false | no |
| namespace | Determines naming convention of assets. Generally follows DNS naming convention. | string | n/a | yes |
| private_dns | If true, private DNS zones will be used. | bool | false | no |
| redis_cluster_mode | (Optional) Create a native redis cluster. automatic_failover_enabled must be set to true. Cluster Mode documented below. Only 1 cluster_mode block is allowed. | list(object({ replicas_per_node_group = number, num_node_groups = number })) | [] | no |
| redis_engine_version | Engine version to use with the ElastiCache Redis deployment. | string | "5.0.6" | no |
| redis_instance_count | Number of instances to provision in Redis ElastiCache deployment (Replication Group). | number | 1 | no |
| redis_instance_type | Instance Type to use in Redis ElastiCache deployment. | string | "cache.t2.micro" | no |
| redis_parameter_group_name | Parameter group name to use with ElastiCache Redis deployment. | string | "default.redis5.0" | no |
| single_nat_gateway | If true, only one NAT Gateway will be provisioned vs. one per AZ. | bool | true | no |
| tags | A mapping of tags to assign to the AWS resources. | map(string) | n/a | yes |
| use_aurora | If true, an Aurora Database cluster will be provisioned. | bool | false | no |
| use_elasticsearch | If true, an ElasticSearch Domain will be provisioned. | bool | false | no |
| use_redis | If true, a Redis ElastiCache cluster will be provisioned. | bool | false | no |
| use_service_discovery | If true, service discovery will be setup using the namespace value as private DNS domain. | bool | false | no |
| vpc_cidr | Network CIDR to use for new VPC. | string | "10.0.0.0/20" | no |

| Name | Description |
|---|---|
| cluster_name | ECS Cluster name for this environment. |
| database_address | Database endpoint address. |
| database_endpoint | Database Endpoint. |
| database_endpoint_reader | Database Endpoint. |
| database_security_group | Database SecurityGroup ID. |
| database_subnets | List of Database subnet IDs. |
| dns_zone_id | Route53 DNS Zone ID. |
| ecs_cluster_arn | ECS Cluster ARN for this environment. |
| ecs_tasks_security_group | ECS Tasks SecurityGroup ID. |
| elasticsearch_security_group | ElasticSearch SecurityGroup ID. |
| es_endpoint | ElasticSearch domain-specific endpoint used to submit index, search, and data upload requests. |
| http_listener_arn | HTTP Listener ARN. |
| https_listener_arn | HTTPS Listener ARN. |
| load_balancer_arn | LoadBalancer ARN. |
| load_balancer_security_group | LoadBalancer SecurityGroup ID. |
| private_subnets | List of Private subnet IDs. |
| public_subnets | List of Public subnet IDs. |
| redis_security_group | Redis SecurityGroup ID. |
| service_discovery_namespace_id | Service Discovery Namespace ID. |
| vpc_id | VPC ID Created for this environment. |
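
The inputs table above leaves several data-protection settings off by default (`database_storage_encrypted = false`, `database_skip_final_snapshot = true`, `database_multi_az = false`, `database_log_types = []`). The following is an added usage example, not taken from the module's own documentation, that sets every required input and overrides those defaults; the module `source`, the `environment` module label, and all literal values are placeholders.

```hcl
# Added example: module source and all literal values are placeholders.
variable "database_username" {
  type = string
}

variable "database_password" {
  # Supply via TF_VAR_database_password or a secrets store,
  # not a committed tfvars file.
  type = string
}

module "environment" {
  source = "REPLACE_WITH_MODULE_SOURCE" # placeholder: not given on this page

  # Required inputs (no default in the table above)
  namespace              = "example"
  application_name       = "example-app"
  environment_name       = "production"
  dns_zone               = "example.com"
  acm_certificate_arn    = "arn:aws:acm:REGION:ACCOUNT_ID:certificate/PLACEHOLDER"
  alb_access_logs_bucket = "example-alb-access-logs"
  database_name          = "example"
  database_username      = var.database_username
  database_password      = var.database_password
  tags                   = { Environment = "production" }

  # Overrides of documented defaults
  database_storage_encrypted   = true                      # default: false
  database_skip_final_snapshot = false                     # default: true (no snapshot on destroy)
  database_multi_az            = true                      # default: false
  database_log_types           = ["postgresql", "upgrade"] # default: []

  # Documented defaults restated so a later change shows up in review
  database_publicly_accessible = false
  database_public_cidrs        = []
  database_deletion_protection = true
}

# Expose the database security group ID so other stacks can reference it
# instead of widening database_public_cidrs.
output "database_security_group" {
  value = module.environment.database_security_group
}
```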