VPC and networking
# Application VPC. The address range comes from var.cidr; every subnet,
# gateway and route table below attaches to this VPC by its id.
# NOTE(review): no aws_flow_log resource for this VPC appears in this listing.
# Confirm flow logging is configured elsewhere if network audit records are needed.
resource "aws_vpc" "app_vpc" {
  cidr_block = var.cidr

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-${var.environment}-vpc"
  }
}
# One private subnet per entry in var.private_subnets.
# element() wraps around, so if var.availability_zones is shorter than
# var.private_subnets the same zone is reused for later subnets.
# NOTE(review): no route table association for these subnets is visible here,
# so they would fall back to the VPC's main route table. Verify that table has
# no internet route if these subnets are meant to stay unreachable from outside.
resource "aws_subnet" "private" {
  count = length(var.private_subnets)

  vpc_id            = aws_vpc.app_vpc.id
  cidr_block        = element(var.private_subnets, count.index)
  availability_zone = element(var.availability_zones, count.index)

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-${var.environment}-private_subnet-${count.index + 1}"
  }
}
# One public subnet per entry in var.public_subnets.
# element() wraps around, so a shorter var.availability_zones list is reused.
resource "aws_subnet" "public" {
  count = length(var.public_subnets)

  vpc_id            = aws_vpc.app_vpc.id
  cidr_block        = element(var.public_subnets, count.index)
  availability_zone = element(var.availability_zones, count.index)

  # Every instance or ENI launched here receives a public IPv4 address by
  # default. Anything placed in this subnet is internet-addressable unless its
  # security groups or network ACLs say otherwise.
  map_public_ip_on_launch = true

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-${var.environment}-public-subnet-${count.index + 1}"
  }
}
# Internet gateway for internet communication
resource "aws_internet_gateway" "igw" {
  # Attached to the application VPC. The default route in the public route
  # table below points at this gateway.
  vpc_id = aws_vpc.app_vpc.id

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-${var.environment}-igw"
  }
}
# Route table for the public subnets. Its routes are declared separately in
# aws_route.public, and the subnets are bound to it by
# aws_route_table_association.public.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.app_vpc.id

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-${var.environment}-routing-table-public"
  }
}
# Default route: all traffic not matching a more specific route leaves through
# the internet gateway. This route is what makes the associated subnets public.
resource "aws_route" "public" {
  route_table_id         = aws_route_table.public.id
  gateway_id             = aws_internet_gateway.igw.id
  destination_cidr_block = "0.0.0.0/0"
}
# Bind each public subnet to the public route table. The count matches
# aws_subnet.public, so index N here refers to public subnet N.
resource "aws_route_table_association" "public" {
  count = length(var.public_subnets)

  route_table_id = aws_route_table.public.id
  subnet_id      = element(aws_subnet.public[*].id, count.index)
}
# Exposes the VPC id so other configurations can attach resources to it.
output "vpc_id" {
  value = aws_vpc.app_vpc.id
}
Terraform To Create ECS cluster
IAM policy to enable the service to pull the image from ECR.
# Trust policy: lets the ECS tasks service principal assume the role that
# references this document.
# NOTE(review): the statement has no condition block. AWS's ECS IAM guidance
# describes aws:SourceAccount / aws:SourceArn conditions for narrowing which
# tasks may assume the role. Consider adding them.
data "aws_iam_policy_document" "assume_role_policy" {
  statement {
    effect  = "Allow" # the default, written out for readers
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ecs-tasks.amazonaws.com"]
    }
  }
}
# Role assumed by ECS tasks via the trust policy document above. Permissions
# are granted separately through a policy attachment.
resource "aws_iam_role" "ecs_task_execution_role" {
  # NOTE(review): var.appname is used here while the rest of the file uses
  # var.app_name. This may be a rendering artefact of the original post.
  # Confirm which variable the role name should be built from.
  name               = "${var.appname}${var.app_name}_execution_task_role"
  assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json

  tags = {
    Environment = var.environment
    Name        = "${var.app_name}-iam-role"
  }
}
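# Grants the task execution role its permissions.
# The role is trusted by ecs-tasks.amazonaws.com and exists to pull images from
# ECR, so attach the AWS managed policy scoped to task execution (ECR pull and
# log delivery). AmazonEC2ContainerServiceforEC2Role is intended for EC2
# container instances and carries additional ECS agent permissions that a task
# execution role does not need.
resource "aws_iam_role_policy_attachment" "ecs_Task_execution_role_policy" {
  role       = aws_iam_role.ecs_task_execution_role.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
}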
What is ECS?
Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service that helps you easily deploy, manage, and scale containerized applications.
ECS terminology and components
Fargate is suitable for the following workloads:
EC2 is suitable for the following workloads: