github.com/tetrafolium/tflint@v0.8.0/tflint/test-fixtures/v0.11.0_module/.terraform/modules/75f06b5c36dd1be566ec9e32e6aca4b5/spotfleet.tf (about) 1 resource "aws_iam_instance_profile" "ecs" { 2 name = "${var.app_name}-ecs-instance" 3 roles = ["${aws_iam_role.ecs_instance.name}"] 4 } 5 6 resource "aws_iam_policy_attachment" "ecs_instance" { 7 name = "${var.app_name}-ecs-instance" 8 roles = ["${aws_iam_role.ecs_instance.name}"] 9 policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role" 10 } 11 12 resource "aws_iam_role" "ecs_instance" { 13 name = "${var.app_name}-ecs-instance" 14 path = "/" 15 16 assume_role_policy = <<EOF 17 { 18 "Version": "2008-10-17", 19 "Statement": [ 20 { 21 "Action": "sts:AssumeRole", 22 "Principal": { 23 "Service": "ec2.amazonaws.com" 24 }, 25 "Effect": "Allow", 26 "Sid": "" 27 } 28 ] 29 } 30 EOF 31 } 32 33 resource "aws_security_group" "ecs_instance" { 34 name = "${var.app_name}-ecs-instance" 35 description = "container security group for ${var.app_name}" 36 vpc_id = "${var.vpc}" 37 38 ingress { 39 from_port = 0 40 to_port = 65535 41 protocol = "TCP" 42 security_groups = ["${aws_security_group.ecs_alb.id}"] 43 } 44 45 egress { 46 from_port = 0 47 to_port = 0 48 protocol = "-1" 49 cidr_blocks = ["0.0.0.0/0"] 50 } 51 } 52 53 resource "aws_iam_policy_attachment" "fleet" { 54 name = "${var.app_name}-fleet" 55 roles = ["${aws_iam_role.fleet.name}"] 56 policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole" 57 } 58 59 resource "aws_iam_role" "fleet" { 60 name = "${var.app_name}-fleet" 61 62 assume_role_policy = <<EOF 63 { 64 "Version": "2008-10-17", 65 "Statement": [ 66 { 67 "Sid": "", 68 "Effect": "Allow", 69 "Principal": { 70 "Service": [ 71 "spotfleet.amazonaws.com", 72 "ec2.amazonaws.com" 73 ] 74 }, 75 "Action": "sts:AssumeRole" 76 } 77 ] 78 } 79 EOF 80 } 81 82 resource "aws_spot_fleet_request" "main" { 83 iam_fleet_role = "${aws_iam_role.fleet.arn}" 84 spot_price = "${var.spot_prices[0]}" 85 allocation_strategy = "${var.strategy}" 86 target_capacity = "${var.instance_count}" 87 terminate_instances_with_expiration = true 88 valid_until = "${var.valid_until}" 89 90 launch_specification { 91 ami = "${var.ami}" 92 instance_type = "${var.instance_type}" 93 spot_price = "${var.spot_prices[0]}" 94 subnet_id = "${var.subnets[0]}" 95 vpc_security_group_ids = ["${aws_security_group.ecs_instance.id}"] 96 iam_instance_profile = "${aws_iam_instance_profile.ecs.name}" 97 key_name = "${var.key_name}" 98 99 root_block_device = { 100 volume_type = "gp2" 101 volume_size = "${var.volume_size}" 102 } 103 104 user_data = <<USER_DATA 105 #!/bin/bash 106 echo ECS_CLUSTER=${aws_ecs_cluster.main.name} >> /etc/ecs/ecs.config 107 USER_DATA 108 } 109 110 launch_specification { 111 ami = "${var.ami}" 112 instance_type = "${var.instance_type}" 113 spot_price = "${var.spot_prices[1]}" 114 subnet_id = "${var.subnets[1]}" 115 vpc_security_group_ids = ["${aws_security_group.ecs_instance.id}"] 116 iam_instance_profile = "${aws_iam_instance_profile.ecs.name}" 117 key_name = "${var.key_name}" 118 119 root_block_device = { 120 volume_type = "gp2" 121 volume_size = "${var.volume_size}" 122 } 123 124 user_data = <<USER_DATA 125 #!/bin/bash 126 echo ECS_CLUSTER=${aws_ecs_cluster.main.name} >> /etc/ecs/ecs.config 127 USER_DATA 128 } 129 130 depends_on = ["aws_iam_policy_attachment.fleet"] 131 }