
Add SSM agent policy to instance profile, add name tag to autoscaling group

Merged Jared Kosanovic requested to merge ssm-role into master
8 files
+ 57
46
resource "aws_autoscaling_group" "secure-agent-autoscaling-group" {
resource "aws_autoscaling_group" "secure-agent-autoscaling-group" {
# as per our current licesning in IICS, each docker instance that
# as per our current licesning in IICS, each docker instance that
# runs on EC2 will treat at as a new license.
# runs on EC2 will treat at as a new license.
name = "secure-agent-autoscaling-group"
name = "secure-agent-autoscaling-group"
desired_capacity = 1
desired_capacity = 1
max_size = 1
max_size = 1
min_size = 1
min_size = 1
# make sure deployed EC2 instance is in the same AZ as the EFS
# make sure deployed EC2 instance is in the same AZ as the EFS
# see https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html
# see https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html
vpc_zone_identifier = [sort(data.aws_subnet_ids.subnets.ids)[0]]
vpc_zone_identifier = [sort(data.aws_subnet_ids.subnets.ids)[0]]
health_check_type = "EC2"
health_check_type = "EC2"
launch_configuration = aws_launch_configuration.secure-agent-launch-config.name
launch_configuration = aws_launch_configuration.secure-agent-launch-config.name
 
tag {
 
key = "Name"
 
value = "IICS Secure Agent"
 
propagate_at_launch = true
 
}
}
}
data "aws_ami" "ecs-optimized" {
data "aws_ami" "ecs-optimized" {
@@ -24,19 +29,19 @@ data "aws_ami" "ecs-optimized" {
@@ -24,19 +29,19 @@ data "aws_ami" "ecs-optimized" {
}
}
resource "aws_launch_configuration" "secure-agent-launch-config" {
resource "aws_launch_configuration" "secure-agent-launch-config" {
name = "secure-agnet-launch-configuration"
name = "secure-agnet-launch-configuration"
image_id = data.aws_ami.ecs-optimized.image_id
image_id = data.aws_ami.ecs-optimized.image_id
enable_monitoring = false
enable_monitoring = false
iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name
iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name
security_groups = [data.aws_security_group.sec-group.id]
security_groups = [data.aws_security_group.sec-group.id]
user_data = <<EOF
user_data = <<EOF
#!/bin/bash
#!/bin/bash
echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config
echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config
sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
EOF
EOF
instance_type = var.instance_type
instance_type = var.instance_type
lifecycle {
lifecycle {
create_before_destroy = true
create_before_destroy = true
}
}
}
}
\ No newline at end of file
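Review bot: The `user_data` script in `secure-agent-launch-config` installs the SSM agent from the `.../SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm` URL at every boot, so each instance the autoscaling group replaces can come up with a different agent build. Whether the RPM signature is checked for a URL install depends on the host's yum configuration, which this view does not show. The merge request title says the instance profile now carries the SSM policy, so this agent becomes a remote-management path into the host. Consider pinning a specific agent version, or relying on an agent already shipped in the AMI if it has one, and record the choice in a comment such as `# SSM agent version is pinned; bump deliberately`. The install line appears on both sides of the side-by-side view, so it may predate this change.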