github.com/swisspost/terratest@v0.0.0-20230214120104-7ec6de2e1ae0/examples/terraform-aws-ecs-example/main.tf (about) 1 # --------------------------------------------------------------------------------------------------------------------- 2 # PIN TERRAFORM VERSION TO >= 0.12 3 # The examples have been upgraded to 0.12 syntax 4 # --------------------------------------------------------------------------------------------------------------------- 5 provider "aws" { 6 region = var.region 7 } 8 9 terraform { 10 # This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting 11 # 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it 12 # forwards compatible with 0.13.x code. 13 required_version = ">= 0.12.26" 14 } 15 16 # --------------------------------------------------------------------------------------------------------------------- 17 # DEPLOY INTO THE DEFAULT VPC AND SUBNETS 18 # To keep this example simple, we are deploying into the Default VPC and its subnets. In real-world usage, you should 19 # deploy into a custom VPC and private subnets. 20 # --------------------------------------------------------------------------------------------------------------------- 21 22 data "aws_vpc" "default" { 23 default = true 24 } 25 26 data "aws_subnets" "all" { 27 filter { 28 name = "vpc-id" 29 values = [data.aws_vpc.default.id] 30 } 31 } 32 33 # --------------------------------------------------------------------------------------------------------------------- 34 # CREATE THE ECS CLUSTER 35 # --------------------------------------------------------------------------------------------------------------------- 36 37 resource "aws_ecs_cluster" "example" { 38 name = var.cluster_name 39 } 40 41 # --------------------------------------------------------------------------------------------------------------------- 42 # CREATE THE ECS SERVICE AND ITS TASK DEFINITION 43 # --------------------------------------------------------------------------------------------------------------------- 44 45 resource "aws_ecs_service" "example" { 46 name = var.service_name 47 cluster = aws_ecs_cluster.example.arn 48 task_definition = aws_ecs_task_definition.example.arn 49 desired_count = 0 50 launch_type = "FARGATE" 51 52 network_configuration { 53 subnets = data.aws_subnets.all.ids 54 } 55 } 56 57 resource "aws_ecs_task_definition" "example" { 58 family = "terratest" 59 network_mode = "awsvpc" 60 cpu = 256 61 memory = 512 62 requires_compatibilities = ["FARGATE"] 63 execution_role_arn = aws_iam_role.execution.arn 64 container_definitions = <<-JSON 65 [ 66 { 67 "image": "terraterst-example", 68 "name": "terratest", 69 "networkMode": "awsvpc" 70 } 71 ] 72 JSON 73 74 } 75 76 # --------------------------------------------------------------------------------------------------------------------- 77 # CREATE THE ECS TASK EXECUTION ROLE AND ATTACH APPROPRIATE AWS MANAGED POLICY 78 # --------------------------------------------------------------------------------------------------------------------- 79 80 resource "aws_iam_role" "execution" { 81 name = "${var.cluster_name}-ecs-execution" 82 assume_role_policy = data.aws_iam_policy_document.assume-execution.json 83 } 84 85 resource "aws_iam_role_policy_attachment" "execution" { 86 role = aws_iam_role.execution.id 87 policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" 88 } 89 90 data "aws_iam_policy_document" "assume-execution" { 91 statement { 92 effect = "Allow" 93 actions = ["sts:AssumeRole"] 94 principals { 95 type = "Service" 96 identifiers = ["ecs-tasks.amazonaws.com"] 97 } 98 } 99 } 100