resource "aws_autoscaling_group" "secure-agent-autoscaling-group" {
  # as per our current licesning in IICS, each docker instance that
  # runs on EC2 will treat at as a new license.
  name             = "secure-agent-autoscaling-group"
  desired_capacity = 1
  max_size         = 1
  min_size         = 1

  # make sure deployed EC2 instance is in the same AZ as the EFS
  # see https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-cmd-dns-name.html
  vpc_zone_identifier  = [sort(data.aws_subnet_ids.subnets.ids)[0]]
  health_check_type    = "EC2"
  launch_configuration = aws_launch_configuration.secure-agent-launch-config.name
  tag {
    key                 = "Name"
    value               = "IICS Secure Agent"
    propagate_at_launch = true
  }
}

data "aws_ami" "ecs-optimized" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["*-amazon-ecs-optimized"]
  }
}

resource "aws_launch_configuration" "secure-agent-launch-config" {
  name              = "secure-agnet-launch-configuration"
  image_id          = data.aws_ami.ecs-optimized.image_id
  enable_monitoring = false

  iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name
  security_groups      = [data.aws_security_group.sec-group.id]
  user_data            = <<EOF
              #!/bin/bash
              echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config
              sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
              EOF
  instance_type        = var.instance_type
  lifecycle {
    create_before_destroy = true
  }
}