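# Renders the ECS container-definitions document from a template file,
# substituting the container name, image, three application ports, the
# Informatica credentials and the volume names.
#
# NOTE(review): informatica_username and informatica_password are substituted
# into the rendered text, which becomes the task definition's
# container_definitions. If the template places them in an `environment`
# entry (the template is not visible here - confirm), the password is stored
# in plaintext in the Terraform state and in the registered task definition,
# where anyone allowed to describe task definitions can read it. Prefer
# keeping the value in Secrets Manager or SSM Parameter Store and referencing
# it through the container definition's `secrets` / `valueFrom` field, with
# read access granted to the execution role. Also confirm the variable is
# declared with `sensitive = true` so it stays out of plan output.
data "template_file" "container" {
  # Anchored to path.module so the template resolves the same way whatever
  # directory Terraform is invoked from (a bare "./" is relative to the
  # working directory, not to this module).
  template = file("${path.module}/templates/container-definitions.tpl")

  vars = {
    container_name = var.container_name
    image_name     = var.image_name

    # The template expects exactly three ports; a shorter list fails at plan time.
    app_port1 = var.container_app_port[0]
    app_port2 = var.container_app_port[1]
    app_port3 = var.container_app_port[2]

    # Credentials - see the NOTE(review) above this block.
    informatica_username = var.informatica_username
    informatica_password = var.informatica_password

    # The template expects exactly four volume entries.
    volume1 = var.secure_agnet_container_volumes[0]
    volume2 = var.secure_agnet_container_volumes[1]
    volume3 = var.secure_agnet_container_volumes[2]
    volume4 = var.secure_agnet_container_volumes[3]

    secure_agent_efs_volume = var.secure_agent_efs_volume
  }
}

# Looks up the existing IAM role named "ecsTaskExecutionRole" instead of
# creating one. It is used below as the task's execution role.
data "aws_iam_role" "ecs-task-execution" {
  name = "ecsTaskExecutionRole"
}

# Task definition for the secure agent, EC2 launch type, with one shared
# Docker volume backed by the EFS file system over NFS.
#
# NOTE(review): only execution_role_arn is set; there is no task_role_arn, so
# the containers receive no task-scoped IAM role. Confirm that is intended and
# that the containers cannot fall back to the container instance's
# credentials.
resource "aws_ecs_task_definition" "task" {
  family                   = var.ecs_task_name
  execution_role_arn       = data.aws_iam_role.ecs-task-execution.arn
  network_mode             = var.container_network_mode
  requires_compatibilities = ["EC2"]
  container_definitions    = data.template_file.container.rendered

  volume {
    name      = var.secure_agent_efs_volume
    host_path = ""

    # NOTE(review): this mounts EFS through the Docker "local" NFS driver, so
    # the traffic is plain NFSv4.1 with no TLS and access is governed only by
    # network reachability of the mount target. The task-definition
    # `efs_volume_configuration` block supports `transit_encryption =
    # "ENABLED"` (and IAM authorization via an access point); consider
    # migrating to it if the agent's configs or logs are sensitive.
    docker_volume_configuration {
      autoprovision = true
      scope         = "shared"

      driver_opts = {
        "type"   = "nfs"
        "device" = "${aws_efs_file_system.secure-agent-fs.dns_name}:/"
        # nosuid makes the mount ignore set-user-ID bits on files stored in EFS.
        "o" = "addr=${aws_efs_file_system.secure-agent-fs.dns_name},nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,nosuid"
      }
    }
  }

  tags = var.ecs_task_tags
}

# Runs a single copy of the task on the cluster, attached to the looked-up
# security group and subnets, without a public IP.
resource "aws_ecs_service" "service" {
  name            = var.ecs_service_name
  cluster         = aws_ecs_cluster.cluster.id
  task_definition = aws_ecs_task_definition.task.arn

  # secure agent configs and logs are persisted into an EFS volume.
  desired_count = 1
  launch_type   = "EC2"

  # network_configuration only applies when the task's network mode is
  # "awsvpc"; var.container_network_mode must therefore be set to that value.
  network_configuration {
    security_groups  = [data.aws_security_group.sec-group.id]
    subnets          = data.aws_subnet_ids.subnets.ids
    assign_public_ip = false
  }
}

# ECS cluster that hosts the service above.
resource "aws_ecs_cluster" "cluster" {
  name = var.ecs_cluster_name
  tags = var.ecs_cluster_tags
}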