Closed
Description
Is your request related to a new offering from AWS?
Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.
- Yes ✅: please list the AWS provider version which introduced this functionality:
>= v4.55.0
Is your request related to a problem? Please describe.
Since v4.55.0, the terraform-provider-aws aws_ecs_service resource supports multiple Service Connect configuration blocks inside service_connect_configuration.
terraform-aws-modules/ecs/aws allows only a single Service Connect configuration:
# Reproduction from the report: the `service` key is assigned three times
# inside one object. Per the author's annotations below, only the last
# assignment is applied; the first two are dropped.
# NOTE(review): when entries are dropped like this, the configuration under
# review and the deployed service no longer match, so check the applied
# Service Connect endpoints against the plan output.
service_connect_configuration = {
  enabled = true
  namespace = var.service_discovery_namespace_arn
  # Service Connect proxy logs are sent to CloudWatch Logs via the awslogs driver.
  log_configuration = {
    log_driver = "awslogs"
    options = {
      awslogs-group = "ecs-web-service-connect"
      awslogs-region = "eu-west-1"
      awslogs-stream-prefix = "streaming"
    }
  }
  # Won't apply (author's observation): a later `service` key in the same
  # object takes its place.
  service = {
    client_alias = {
      dns_name = "api.local"
      port = "8080"
    }
    discovery_name = "api-local"
    port_name = "api-local"
  }
  # Won't apply (author's observation): a later `service` key in the same
  # object takes its place.
  service = {
    client_alias = {
      dns_name = "client.local"
      port = "3000"
    }
    discovery_name = "client-local"
    port_name = "client-local"
  }
  # Will apply: this is the last `service` assignment in the object.
  service = {
    client_alias = {
      dns_name = "dashboard.local"
      port = "3001"
    }
    discovery_name = "dashboard-local"
    port_name = "dashboard-local"
  }
}
See hashicorp/terraform-provider-aws#28754
Describe the solution you'd like.
Allow passing a list of Service Connect configuration blocks, as in hashicorp/terraform-provider-aws#28754.
Describe alternatives you've considered.
At present, I need to manually add the Service Connect configuration through the AWS console after applying Terraform.
Additional context
# Full module call from the report: one ECS cluster backed by an EC2 (ARM64)
# capacity provider, running a single `web` service whose task holds four
# containers (caddy, api, client, dashboard).
module "ecs" {
  source = "terraform-aws-modules/ecs/aws"
  cluster_name = local.cluster_name
  # Default Service Connect namespace for services created in this cluster.
  cluster_service_connect_defaults = {
    namespace = aws_service_discovery_http_namespace.http_namespace.arn
  }
  # NOTE(review): Container Insights is switched off for this cluster; confirm
  # that task-level monitoring is provided some other way.
  cluster_settings = {
    name = "containerInsights",
    value = "disabled"
  }
  # NOTE(review): the output names suggest an IAM user's access key pair is
  # stored as two secrets that the task execution role may read. These are
  # presumably long-lived static credentials; a task role would avoid
  # distributing them. Confirm against the service_user module.
  task_exec_secret_arns = [module.service_user.access_key_secret_id, module.service_user.secret_key_secret_id]
  default_capacity_provider_use_fargate = false
  # Capacity comes from an EC2 Auto Scaling group rather than Fargate.
  autoscaling_capacity_providers = {
    web = {
      auto_scaling_group_arn = module.web_autoscaling.autoscaling_group_arn
      managed_scaling = local.managed_scaling
      default_capacity_provider_strategy = local.default_capacity_provider_strategy
    }
  }
  services = {
    web = {
      # t4g.micro cannot have more than one ENI, see
      # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI
      desired_count = 1
      deployment_minimum_healthy_percent = 100
      deployment_maximum_percent = 200
      cluster_arn = var.cluster_arn
      cpu = 2048,
      memory = 1934,
      network_mode = "awsvpc", // use awsvpc with network load balancer to enable rolling deployment
      requires_compatibilities = ["EC2"]
      capacity_provider_strategy = {
        web = {
          capacity_provider = var.capacity_provider_name
          weight = 1
          base = 1
        }
      }
      #assign_public_ip = true # works only for fargate
      enable_autoscaling = false
      runtime_platform = {
        cpu_architecture = "ARM64"
        operating_system_family = "LINUX"
      }
      # Each EFS volume is mounted through its own access point, with
      # encryption in transit and IAM authorization enabled. With
      # `iam = "ENABLED"` the mount is authorized using the task's IAM role,
      # so that role needs matching EFS client permissions; the role's policy
      # is not visible in this snippet.
      volume = {
        caddy-data = {
          efs_volume_configuration = {
            file_system_id = var.caddy_file_system_id
            transit_encryption = "ENABLED"
            authorization_config = {
              access_point_id = var.caddy_data_access_point_id
              iam = "ENABLED"
            }
          }
        }
        caddy-config = {
          efs_volume_configuration = {
            file_system_id = var.caddy_file_system_id
            transit_encryption = "ENABLED"
            authorization_config = {
              access_point_id = var.caddy_config_access_point_id
              iam = "ENABLED"
            }
          }
        }
        client-cache = {
          efs_volume_configuration = {
            file_system_id = var.next_file_system_id
            transit_encryption = "ENABLED"
            authorization_config = {
              access_point_id = var.next_client_access_point_id
              iam = "ENABLED"
            }
          }
        }
        dashboard-cache = {
          efs_volume_configuration = {
            file_system_id = var.next_file_system_id
            transit_encryption = "ENABLED"
            authorization_config = {
              access_point_id = var.next_dashboard_access_point_id
              iam = "ENABLED"
            }
          }
        }
      }
      # Container definitions are built by separate modules and passed in by name.
      container_definitions = {
        caddy = module.caddy_container.container_definition
        api = module.api_container.container_definition
        client = module.client_container.container_definition
        dashboard = module.dashboard_container.container_definition
      }
      subnet_ids = var.subnet_ids
      # NOTE(review): the module-managed security group is disabled and no
      # security group IDs are passed in this snippet; confirm which group
      # ends up attached to the task's awsvpc network interface.
      create_security_group = false
      # The `service` key is assigned three times in this object; per the
      # report only the last assignment (dashboard) is applied by the module.
      service_connect_configuration = {
        enabled = true
        namespace = var.service_discovery_namespace_arn
        # Service Connect proxy logs are sent to CloudWatch Logs via the awslogs driver.
        log_configuration = {
          log_driver = "awslogs"
          options = {
            awslogs-group = "ecs-web-service-connect"
            awslogs-region = "eu-west-1"
            awslogs-stream-prefix = "streaming"
          }
        }
        # !!! This Service Connect entry has to be added manually because of the terraform-aws-modules/ecs limitation
        # NOTE(review): an entry added by hand is not described by this
        # configuration; presumably a later apply could revert it. Confirm.
        service = {
          client_alias = {
            dns_name = "api.local"
            port = "8080"
          }
          discovery_name = "api-local"
          port_name = "api-local"
        }
        # !!! This Service Connect entry has to be added manually because of the terraform-aws-modules/ecs limitation
        service = {
          client_alias = {
            dns_name = "client.local"
            port = "3000"
          }
          discovery_name = "client-local"
          port_name = "client-local"
        }
        # Last `service` assignment: the only one the module applies, per the report.
        service = {
          client_alias = {
            dns_name = "dashboard.local"
            port = "3001"
          }
          discovery_name = "dashboard-local"
          port_name = "dashboard-local"
        }
      }
      # The caddy container is registered with two target groups, on ports 80 and 443.
      load_balancer = {
        caddy-http = {
          target_group_arn = var.load_balancer_http_target_arn
          container_name = "caddy"
          container_port = 80
        },
        caddy-https = {
          target_group_arn = var.load_balancer_https_target_arn
          container_name = "caddy"
          container_port = 443
        }
      }
    }
  }
  tags = local.tags
}