data-pipeline-ecs-task
dod-iac/data-pipeline-ecs-task/aws
An ECS task as part of a data pipeline
Usage Creates the resources to run an ECS task as part of a data pipeline, including an IAM policy, task definition, task execution role, and task role. ``hcl resource "aws_cloudwatch_log_group" "ecs_task" { name = format("/aws/ecs/app-%s-task-%s", var.application, var.environment) retention_in_days = 1 # expire logs after 1 day tags = var.tags } module "data_pipeline_ecs_task" { source = "dod-iac/data-pipeline-ecs-task/aws" cloudwatch_log_group_name = aws_cloudwatch_log_group.ecs_task.name command = ["help"] entryPoint = ["/entrypoint.sh"] execution_role_name = format("app-%s-ecs-execution-role-%s", var.application, var.environment) image = var.image memory = pow(2, 5) name = format("app-%s-task-%s", var.application, var.environment) s3_buckets_read = [aws_s3_bucket.source.arn] s3_buckets
| Name | Type | Description | Default |
|---|---|---|---|
| command | list(string) | The command to use with the task. | |
| entryPoint | list(string) | The entry point to use with the ECS task. | |
| task_role_name | string | The name of the IAM task role used by the ECS task. | |
| name | string | The name of the ECS task definition, essential container, and CloudWatch stream | |
| execution_role_name | string | The name of the IAM execution role used by the ECS task. | |
| memory | number | The memory allocated to the ECS task. | |
| cloudwatch_log_group_name | string | The name of the CloudWatch log group that the ECS task sends logs to. | |
| image | string | The image for the essential container of the ECS task. | |
| network_mode | string | The Docker networking mode to use for the task. Valid values are none, bridge, | "awsvpc" |
| s3_buckets_write | list(string) | The ARNs of the AWS S3 buckets that can be written to. Use ["*"] to allow all b | [] |
| readonlyRootFilesystem | bool | If true, then the container's root filesystem is mounted as read only. | false |
| requires_compatibilities | list(string) | Set of launch types required by the task. The valid values are EC2 and FARGATE. | [
"EC2",
"FARGATE"
] |
| task_role_policy_name | string | The name of the IAM policy attached to the task role used by the ECS task. If n | "" |
| s3_buckets_read | list(string) | The ARNs of the AWS S3 buckets that can be read from. Use ["*"] to allow all bu | [] |
| cpu | number | Number of cpu units used by the task. If the requires_compatibilities is FARGATE | 4096 |
| execution_role_policy_name | string | The name of the IAM policy attached to the IAM Execution role used by the ECS ta | "" |
| glue_tables_add | list(object({ database = s | List of glue tables that partitions can be added to. | [] |
| tags | map(string) | A mapping of tags to assign to the resources. | {} |
| kms_keys_encrypt | list(string) | The ARNs of the AWS KMS keys that can be used to encrypt data. Use ["*"] to all | [] |
| task_role_policy_document | string | The contents of the IAM policy attached to the IAM Execution role used by the EC | "" |
| execution_role_policy_document | string | The contents of the IAM policy attached to the IAM execution role used by the EC | "" |
| kms_keys_decrypt | list(string) | The ARNs of the AWS KMS keys that can be used to decrypt data. Use ["*"] to all | [] |
task_definition_family — The family of the AWS ECS Task Definition.task_definition_revision — The latest revision of the AWS ECS Task Definition.task_definition_arn — The Amazon Resource Name (ARN) of the AWS ECS Task Definition.Azure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,